sload | 724206404ad809e13d938f14383bf5bd9beabe7afb53fbc1bcf7a73cba1aa3c2 | Triage

Sharing

General

Target

395061c186c29da5dcee0cc9aaff80ce_JaffaCakes118
Size

9KB
Sample

240711-qqhjla1akf
MD5

395061c186c29da5dcee0cc9aaff80ce
SHA1

daea3fafdbb98e1426e6f037a52a3fe28774d689
SHA256

724206404ad809e13d938f14383bf5bd9beabe7afb53fbc1bcf7a73cba1aa3c2
SHA512

920428ca5ef2f1c11b24deee6215d26fef2c1c54ae57e0041d0b2d0c2277d50dc5b5b34cd13a294622ea229c9e427de19a48dc4db7cafed4664a75f4a84c2fbb
SSDEEP

96:eT8hI4nt7YEJn0X8Pj9ZTqeA8Tj3mfV+08lKcEGv0rrePY9voqqooRVmF8Q2:rhIOLJ0oPTqeHufV+JVsrrePsqoqVmFU

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  395061c186c29da5dcee0cc9aaff80ce_JaffaCakes118
- Size
  
  9KB
- MD5
  
  395061c186c29da5dcee0cc9aaff80ce
- SHA1
  
  daea3fafdbb98e1426e6f037a52a3fe28774d689
- SHA256
  
  724206404ad809e13d938f14383bf5bd9beabe7afb53fbc1bcf7a73cba1aa3c2
- SHA512
  
  920428ca5ef2f1c11b24deee6215d26fef2c1c54ae57e0041d0b2d0c2277d50dc5b5b34cd13a294622ea229c9e427de19a48dc4db7cafed4664a75f4a84c2fbb
- SSDEEP
  
  96:eT8hI4nt7YEJn0X8Pj9ZTqeA8Tj3mfV+08lKcEGv0rrePY9voqqooRVmF8Q2:rhIOLJ0oPTqeHufV+JVsrrePsqoqVmFU
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan