ssload | 3bca1dcaef4430272b9029c9a4bc8be0d45ecff66e8de8679ed30d8afab00f6f | Triage

Submit
Reports

Overview

overview

Static

static

3

forcedelctl.dll

windows7-x64

forcedelctl.dll

windows10-2004-x64

Resubmissions

01-05-2024 18:06

240501-wp7pzscg9x 10

18-04-2024 14:15

240418-rkp7xsfd39 10

17-04-2024 14:48

240417-r6e9vacg64 8

Sharing

General

Target

forcedelctl.dll
Size

956KB
Sample

240501-wp7pzscg9x
MD5

b28a478eb5b99efcdc7caf428bffb89a
SHA1

d394c7b8fe15753bfbff79fb4f648f6f8bae70f9
SHA256

3bca1dcaef4430272b9029c9a4bc8be0d45ecff66e8de8679ed30d8afab00f6f
SHA512

decb2581f64949bfaaaf0368917f0705d7a4b7392ec272eda025cf06a4384ec4cdd5202081c2e085f00645029dd96bfef262e8628bed1861185adf6281c1cc88
SSDEEP

24576:rs6ZRS5J3ifJvlxfcdaeti7w+0bf0XznPMvPD:Yni8dK9CEMXD

Score

10^/10

ssload loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

forcedelctl.dll

Resource

win7-20240221-en

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral2

Sample

forcedelctl.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

600 seconds

Malware Config

Targets

- Target
  
  forcedelctl.dll
- Size
  
  956KB
- MD5
  
  b28a478eb5b99efcdc7caf428bffb89a
- SHA1
  
  d394c7b8fe15753bfbff79fb4f648f6f8bae70f9
- SHA256
  
  3bca1dcaef4430272b9029c9a4bc8be0d45ecff66e8de8679ed30d8afab00f6f
- SHA512
  
  decb2581f64949bfaaaf0368917f0705d7a4b7392ec272eda025cf06a4384ec4cdd5202081c2e085f00645029dd96bfef262e8628bed1861185adf6281c1cc88
- SSDEEP
  
  24576:rs6ZRS5J3ifJvlxfcdaeti7w+0bf0XznPMvPD:Yni8dK9CEMXD
Score

10^/10

ssload loader
- SSLoad
  SSLoad Unpacked DLL payload.
  loader ssload
- Detects SSLoad Unpacked payload
  loader
- Blocklisted process makes network request
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy