latrodectus | b83f12387a8c3bd5d2f7b23a4019b85771bd49fa4f61943771d4e7c6d3e72be5 | Triage

Submit
Reports

Overview

overview

Static

static

3

3b63ea8b6f...67.dll

windows7-x64

3b63ea8b6f...67.dll

windows10-2004-x64

Resubmissions

05-04-2024 15:15

240405-snc77sfh55 10

12-03-2024 09:50

240312-lveahsfh28 7

Sharing

General

Target

3b63ea8b6f9b2aa847faa11f6cd3eb281abd9b9cceedb570713c4d78a47de567.zip
Size

246KB
Sample

240312-lveahsfh28
MD5

e6206b9ad59718ba0b51d514fe501ac6
SHA1

c3f6d3ad52a0d90070ed44a5b5f7dac837c13c6d
SHA256

b83f12387a8c3bd5d2f7b23a4019b85771bd49fa4f61943771d4e7c6d3e72be5
SHA512

bb66d395af0c853a0c43ad29f64eaf78f8e458668681efd05c54e49a00bb17f423670bd5a9ec252c056b3c267e305fffcac1df9e7d715f094083bd714da2a613
SSDEEP

6144:AOQQGqD3ve6FkJpOL+0MaG8hd98P7LYHj4mTD:AO8Mfe6FHiAGkdGP3YHjPTD

Score

10^/10

latrodectus defense_evasion loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3b63ea8b6f9b2aa847faa11f6cd3eb281abd9b9cceedb570713c4d78a47de567.dll

Resource

win7-20240221-en

latrodectus defense_evasion loader

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

3b63ea8b6f9b2aa847faa11f6cd3eb281abd9b9cceedb570713c4d78a47de567.dll

Resource

win10v2004-20240226-en

latrodectus loader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

latrodectus

C2

https://scifimond.com/live/

https://drifajizo.fun/live/

Targets

- Target
  
  3b63ea8b6f9b2aa847faa11f6cd3eb281abd9b9cceedb570713c4d78a47de567.exe
- Size
  
  469KB
- MD5
  
  e27c6586dba78d5d302589f3b231be40
- SHA1
  
  305031a6d93a744cf61552ab673ddb27843ee845
- SHA256
  
  3b63ea8b6f9b2aa847faa11f6cd3eb281abd9b9cceedb570713c4d78a47de567
- SHA512
  
  1f0c126e38eed21ee51e04ebe4717fcbb3545d9ccdcc24ba0125f82c5f9b94d1406cbf3ba9f58958e4f180bdd6931bc3a3cb5390de990f8265baabfd414f89c2
- SSDEEP
  
  12288:YERU04ML77eb/yVydk3+qloeDFgZkF7o:YEfDLP4qVydk3+qlpDkS
Score

10^/10

latrodectus defense_evasion loader
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 2
  loader
- Deletes itself
- Loads dropped DLL
- System Binary Proxy Execution: Verclsid
  Adversaries may abuse Verclsid to proxy execution of malicious code.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

System Binary Proxy Execution

Verclsid

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusdefense_evasionloader

behavioral2

latrodectusloader

© 2018-2025

Terms | Privacy