ssload | ca066896a28840f4eccb9150adf86170d83337650d28b128cb584e7d8b178695 | Triage

Submit
Reports

Overview

overview

Static

static

3

app.exe

windows10-1703-x64

app.exe

windows10-2004-x64

Sharing

General

Target

app.com
Size

1.5MB
Sample

240508-wcl8hsfg21
MD5

bd3231011448b2d6a335032d11c12cad
SHA1

b14bdeccca499668fac5049890bb7f3e5bef9537
SHA256

ca066896a28840f4eccb9150adf86170d83337650d28b128cb584e7d8b178695
SHA512

4fdf90883f5fde3aeb02b2ddc46c5e3cd421fe98697aca0d31b1aaea39598d2624c3339ab75a96997287c611a7d4dd8459b1c3341fe972cf049885d22c31f3de
SSDEEP

24576:U7fGyyeUW7jK9ijzqPoKQ+2L7uUgtAsjxy5U2dTfUpHkKBdsQM+WAM7W:OfFU2m9ijzWoK0zgtAsI5U2dTfAHowQW

Score

10^/10

ssload loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

app.exe

Resource

win10-20240404-en

windows10-1703-x64

9 signatures

1200 seconds

Behavioral task

behavioral2

Sample

app.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

10 signatures

1200 seconds

Malware Config

Targets

- Target
  
  app.com
- Size
  
  1.5MB
- MD5
  
  bd3231011448b2d6a335032d11c12cad
- SHA1
  
  b14bdeccca499668fac5049890bb7f3e5bef9537
- SHA256
  
  ca066896a28840f4eccb9150adf86170d83337650d28b128cb584e7d8b178695
- SHA512
  
  4fdf90883f5fde3aeb02b2ddc46c5e3cd421fe98697aca0d31b1aaea39598d2624c3339ab75a96997287c611a7d4dd8459b1c3341fe972cf049885d22c31f3de
- SSDEEP
  
  24576:U7fGyyeUW7jK9ijzqPoKQ+2L7uUgtAsjxy5U2dTfUpHkKBdsQM+WAM7W:OfFU2m9ijzWoK0zgtAsI5U2dTfAHowQW
Score

10^/10

ssload loader
- SSLoad
  SSLoad Unpacked DLL payload.
  loader ssload
- Detects SSLoad Unpacked payload
  loader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy