Malware
SSLoad
SSLoad is a Rust-based downloader that first emerged in January 2024 and is used to deliver secondary payloads.
SSLoad is a Windows malware family operated by TA578.
Background
SSLoad is a downloader written in Rust that surfaced in January 2024 and serves to drop secondary payloads. In its earliest builds, a first-stage DLL reached out to a Telegram channel called 'SSLoad' to obtain a follow-up URL. From there it fetched a compressed PE file over HTTP using a hardcoded User-Agent (SSLoad/1.x) and Content-Type, then decompressed and ran it straight in memory. The malware has been revised multiple times since, with changes to its command-and-control (C2) traffic and to the supporting executables that load it. Newer versions skip the first-stage DLL entirely by placing SSLoad directly on the victim's machine.
Source: Malpedia (Fraunhofer FKIE).
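A detection sketch for the early-build behaviour described in the Background section, added here as an example and not taken from Malpedia or any vendor rule set: it flags proxy-log requests carrying the hardcoded SSLoad User-Agent and notes whether the same client contacted Telegram shortly before. The log layout, the Telegram host names, the five-minute window, and the reading of "1.x" as any 1.* version string are assumptions.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed proxy log lines (tab-separated: time, client, method, URL, User-Agent).
SAMPLE_LOG = """\
2024-02-01T10:00:05\tWS-017\tGET\thttps://t.me/s/example-channel\tMozilla/5.0
2024-02-01T10:00:09\tWS-017\tGET\thttp://files.example.net/a.bin\tSSLoad/1.1
2024-02-01T10:02:00\tWS-022\tGET\thttps://www.example.org/\tMozilla/5.0
2024-02-01T11:30:00\tWS-030\tGET\thttp://files.example.net/b.bin\tSSLoad/1.0
"""

UA_RE = re.compile(r"^SSLoad/1\.")        # assumption: "1.x" means any 1.* version string
TELEGRAM_HOSTS = {"t.me", "telegram.me"}  # assumption: hosts used to read a Telegram channel
WINDOW = timedelta(minutes=5)             # assumption: lookup-to-download correlation window


def parse(log):
    """Yield (time, client, method, url, user_agent) for each log line."""
    for line in log.splitlines():
        ts, client, method, url, ua = line.split("\t")
        yield datetime.fromisoformat(ts), client, method, url, ua


def detect(log):
    """Return one finding per request that carries the SSLoad User-Agent."""
    last_telegram = {}  # client -> time of its most recent Telegram request
    findings = []
    for ts, client, method, url, ua in parse(log):
        host = (urlsplit(url).hostname or "").lower()
        if host in TELEGRAM_HOSTS:
            last_telegram[client] = ts
        if UA_RE.match(ua):
            seen = last_telegram.get(client)
            chained = seen is not None and ts - seen <= WINDOW
            findings.append({"time": ts.isoformat(), "client": client, "url": url,
                             "user_agent": ua, "telegram_lookup_before": chained})
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

The User-Agent match alone is the high-confidence signal; the Telegram correlation only applies to the early builds, since later versions changed their C2 traffic.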