sload | d79a3fc774f33dd5627f9890aaecd2a7b2345a31352e0220cdea8879271e3dec | Triage

Sharing

General

Target

9ce4684fb3f4cb15b06c81e5793dfa19
Size

10KB
Sample

231219-zskw6sdfg4
MD5

9ce4684fb3f4cb15b06c81e5793dfa19
SHA1

0eac6eb9a83291bc91e8d076dad09d2127f791a4
SHA256

d79a3fc774f33dd5627f9890aaecd2a7b2345a31352e0220cdea8879271e3dec
SHA512

33a9d854d4cbbe8621b879ffd62959b88b67d644be905aea733f1bed2c9a52ed16ee140b1b412a21d508cd338b10f7b3fe21e2f577334be0f0c1506aaea8f49e
SSDEEP

192:6kgUyxM50kJxhK4yf3AaKBToCoio/jVpudh6Af/5P3t9x12Gwz6QBGNoE4rT:zBf/JxhK4yIHtoCoiofudh6i/5/t9WG+

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  9ce4684fb3f4cb15b06c81e5793dfa19
- Size
  
  10KB
- MD5
  
  9ce4684fb3f4cb15b06c81e5793dfa19
- SHA1
  
  0eac6eb9a83291bc91e8d076dad09d2127f791a4
- SHA256
  
  d79a3fc774f33dd5627f9890aaecd2a7b2345a31352e0220cdea8879271e3dec
- SHA512
  
  33a9d854d4cbbe8621b879ffd62959b88b67d644be905aea733f1bed2c9a52ed16ee140b1b412a21d508cd338b10f7b3fe21e2f577334be0f0c1506aaea8f49e
- SSDEEP
  
  192:6kgUyxM50kJxhK4yf3AaKBToCoio/jVpudh6Af/5P3t9x12Gwz6QBGNoE4rT:zBf/JxhK4yIHtoCoiofudh6i/5/t9WG+
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan