Dissecting SSLoad Malware: A Comprehensive Technical Analysis

June 10, 2024, 4 p.m.

Description

This analysis examines the inner workings of SSLoad, a stealthy and adaptable malware known for its delivery methods and evasion techniques. It walks through the malware's multistage infection chain, dissecting the loaders, decryption algorithms, and payloads used across different campaigns. The analysis highlights SSLoad's ability to gather reconnaissance on the host, evade detection, and deploy additional malicious components, underscoring its versatility and continued evolution.

Date

Published: June 10, 2024, 3:48 p.m.
Created: June 10, 2024, 3:48 p.m.
Modified: June 10, 2024, 4 p.m.

Indicators


Attack Patterns

SSLoad

Cobalt Strike - S0154

T1553.002

T1064

T1059.005

T1497.001

T1059.001

T1071.001

T1574.001

T1573

T1105

T1083

T1055

T1027

T1553