sload | 54d27b43113c9d787286ffdbc3b1aa6e417b2e2947da472a320f746e26b33f50 | Triage

Sharing

General

Target

3d4bb59666eebb302bf85e56770fcc9e_JaffaCakes118
Size

8KB
Sample

240712-n6h4yssekm
MD5

3d4bb59666eebb302bf85e56770fcc9e
SHA1

4bba9bf6f71a569e3a18ec171124ac53533b0e6c
SHA256

54d27b43113c9d787286ffdbc3b1aa6e417b2e2947da472a320f746e26b33f50
SHA512

6a319d0d27bbbb9317741334abed9608261cb6ad8ecda6b05e31d51b21df19b4b5ec909fed3265cf45bba3e601f7caaabff8e17dfaa3254ccac35955a55b00a0
SSDEEP

192:QUpzzCCi/CI5lhZjBQFwo0SacAOLT46UcoH0N85xq6iG:QU9CCi/NfhZjBQFwo0SacAOLT46UtHWI

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  3d4bb59666eebb302bf85e56770fcc9e_JaffaCakes118
- Size
  
  8KB
- MD5
  
  3d4bb59666eebb302bf85e56770fcc9e
- SHA1
  
  4bba9bf6f71a569e3a18ec171124ac53533b0e6c
- SHA256
  
  54d27b43113c9d787286ffdbc3b1aa6e417b2e2947da472a320f746e26b33f50
- SHA512
  
  6a319d0d27bbbb9317741334abed9608261cb6ad8ecda6b05e31d51b21df19b4b5ec909fed3265cf45bba3e601f7caaabff8e17dfaa3254ccac35955a55b00a0
- SSDEEP
  
  192:QUpzzCCi/CI5lhZjBQFwo0SacAOLT46UcoH0N85xq6iG:QU9CCi/NfhZjBQFwo0SacAOLT46UtHWI
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan