latrodectus | 2f3dd9fe96b27664d4ac558c6c538f59a04db5a3f7d1923b83473b5f7603d187

Sharing

Copy URL

Twitter E-mail

General

Target

lact.zip
Size

617KB
Sample

240408-aj39qaba64
MD5

32d69bb674f227a955330418eaa3e1f8
SHA1

0611088598e651977926606cfa90649e9934c241
SHA256

2f3dd9fe96b27664d4ac558c6c538f59a04db5a3f7d1923b83473b5f7603d187
SHA512

5d961464fba8f815cd59265fffff623a0e86699c9d41f52e4415d7ea68021834f11e4b512f18c250ccd6ed625c03c8b460ef15c7c74c3df009b0e47cfbd68bba
SSDEEP

12288:8HmycLEK72WDEiSx1oXtOkQbufc81N6W3svWN8wSdDG/NzMUrrP:NycJ9Sx1o9X1NKw4G/NzB/

Score

10^/10

latrodectus loader

Malware Config

Extracted

Family

latrodectus

https://titnovacrion.top/live/

https://grunzalom.fun/live/

https://plwskoret.top/live/

https://miistoria.com/live/

https://aytobusesre.com/live/

https://scifimond.com/live/

https://mazdakrichest.com/live/

https://riverhasus.com/live/

https://fluraresto.me/live/

https://mastralakkot.live/live/

https://peermangoz.me/live/

https://aprettopizza.world/live/

https://drifajizo.fun/live/

https://zumkoshapsret.com/live/

https://jertacco.com/live/

Targets

- Target
  
  lact/1364-1-0x0000020751220000-0x0000020751234000-memory_unmapped.dmp
- Size
  
  80KB
- MD5
  
  7a1a48e5526e096dad8a155bd009ea94
- SHA1
  
  90c423f7af788937665fb7c28dc03468be15b064
- SHA256
  
  5562c6ad5765792def276e009395a57a6bf841c87cddefb6f8e8d75b74076e83
- SHA512
  
  dd7c9fd8b6bc84ffec49aac30c5d060ee34d05bee6a5b21ea90bcf1547d10f7cd2fc20bdf0efc4848ec2bd8d0cc448c332192e00bd2113c3f312124516c514e8
- SSDEEP
  
  768:ai0IIO99dKJKbAoQVuyQw4n4mjlQmLvniWiMfDeDvf1v:WpO9CJKjQF4n4mjltqTMKD1
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 2
  loader
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  lact/1636-0-0x00000000003A0000-0x00000000003B3000-memory_unmapped.dmp
- Size
  
  76KB
- MD5
  
  7d3984674aec72426e2dcbd38539c54a
- SHA1
  
  3548610228011247d1e2edc962219466cca9a1a9
- SHA256
  
  9e7fdc17150409d594eeed12705788fbc74b5c7f482a64d121395df781820f46
- SHA512
  
  4cfc28c58d4b30de125b43af0558ccdce07531c91c2fb3a405122736c1f429c3b9dd8d44899058eb4e7409cb1231ce82c104ee32b094de025cb40547099ca2b5
- SSDEEP
  
  768:UiC/DyfvDF9JN137zub7+IJSuCMajTiAmPbjQL5Nhs1+igyX9MDy:7C/DivXBOJSuwjFmz0Lvhs13gyX9MG
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 1
  loader
- Deletes itself
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  lact/1684-0-0x0000000001D20000-0x0000000001D34000-memory_unmapped.dmp
- Size
  
  80KB
- MD5
  
  3553028b63b5608c0aff42b067977b7e
- SHA1
  
  fb1354c019ec345144e26aebfc3cf6f3a6a0a8d2
- SHA256
  
  5edc39cbd89d3ba70a4737f823933af93f3c182134af8e34e0af9a316afaaca8
- SHA512
  
  6f0d89dedd62cecc62b06ee21b818aa16706b40f3133aaba2967bef944299285056bc17f915a777468ad1cba455cc41f6d3e09850684b24996715097c77d05e9
- SSDEEP
  
  768:0oWfTLO3B5YC0YbGuRPv87BZILqSdE8TWz7MUYqw8:UfO3ornBZdGSMNy
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 2
  loader
- Deletes itself
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  lact/1944-1-0x000001FE0BA80000-0x000001FE0BA93000-memory_unmapped.dmp
- Size
  
  76KB
- MD5
  
  80a0b619884a185d0abdffda3918cb33
- SHA1
  
  b2edde7d7cd7b01d9cec7644e45ec3246afda077
- SHA256
  
  9fad77b6c9968ccf160a20fee17c3ea0d944e91eda9a3ea937027618e2f9e54e
- SHA512
  
  9f6e546060cab0de8450027f1a8d471d483f1e60bd13b3ed4224210abdbcce9e2d0c628617abca9eb0e5bf6a1a6b5682a47b419a0858bf4dcfb90ca45b92341d
- SSDEEP
  
  768:8xO+qDlWGT9NVu48up+g5KFNhhlJwb9LfpwThs1GSy:8k+qD4Ud/5KFhrmVfOhs1GSy
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 1
  loader
- Deletes itself
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  lact/2092-0-0x0000000000150000-0x0000000000163000-memory.dmp
- Size
  
  76KB
- MD5
  
  74db78c91de3e13c82182b06d0c82c75
- SHA1
  
  22f86c8dc095698b9374e5956a871a20be5171cf
- SHA256
  
  d855daede0b97277d68e04c73ef0f2a36690faa77539914aa7948ee045427042
- SHA512
  
  220ed7a6199ba7a61d3d2b830336a357787dcb37a2e38de07f55e16c0a76b31974905fadfe2733228cf1e6913e13d1c76419f6fdd8d040bc0d6ef6f22f471f8d
- SSDEEP
  
  768:wiC/DyfvDF9JN1a7zub7+IJSuCMajTiAmPbjQLz5Hhs1WaaUbDy:3C/DivXAOJSuwjFmz0LZhs1ZbG
Score

1^/10
behavioral10 behavioral9
- Target
  
  lact/2100-2-0x00000000003A0000-0x00000000003B3000-memory_unmapped.dmp
- Size
  
  76KB
- MD5
  
  644a7a3e8ba5b6bad4e3e194bdd09e21
- SHA1
  
  a4d12b22991572b5f01cd352f9ebe5d6738e1de6
- SHA256
  
  d8b902568386f588fb2d42a77cd39062ada13c9a3fed0adf20ab6510f3b4a681
- SHA512
  
  0d4ee8bd838a3d3f6c5a9786b59b1f899df361e1334208489b534aac93f7d1f7804cfbb833f529175aa9385a7bf1cc36d5ba3daa65588770e6176e277f1e32f7
- SSDEEP
  
  768:cO+qDlWGT9NVv48up+g5KFNhhlJwb9Lf2hs1z+Wvvy:v+qD4U2/5KFhrmVf2hs1zdvy
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 1
  loader
- Deletes itself
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  lact/2324-0-0x0000000000130000-0x0000000000144000-memory_unmapped.dmp
- Size
  
  80KB
- MD5
  
  43bc0dab9e308ffb529d7ddc873063d5
- SHA1
  
  fbebdfc69ce47adfda18bf72c759672639968f89
- SHA256
  
  a94693776f14544219fca02959c2d2d095014a9ef2dd0deb4a68af4f39fb44bb
- SHA512
  
  22a5fd1d8735182d5f1ac1ada2a03b84e736244bc2d5bbd313ef95a8f7a43dc93b6dd4c40a12dfe18e375f840828025eb6eec0c9da009dad7b6d3ac27d64c358
- SSDEEP
  
  768:MoWfTLO3B5YC0YbwuRPv87BZILqSdE8TWz7MUjhl0B/5:cfO3orNBZdGSMSy5
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 2
  loader
- Deletes itself
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  lact/2956-0-0x0000000001B60000-0x0000000001B74000-memory_unmapped.dmp
- Size
  
  80KB
- MD5
  
  37d62d215bc14f55d10afde96d91d1b6
- SHA1
  
  9fd938b06ed73134a8ded13b0224ed80275b534b
- SHA256
  
  1bed9c089a3c1dd81a17834827129022f8cf417e86e6f9f15bd43ed3ac62e303
- SHA512
  
  3a35395abda1314f7aab3a9539f86634e20dfce7fd432f7123aa57a49c34c37743d0351c498dff4130f9efd03171648af76d4901bcbe3ff55cb6529f2f5e211f
- SSDEEP
  
  768:foWfTLO3B5YC0YbluRPv87BZILqSdE8TWz7MUfx9k0zioX:bfO3orQBZdGSMM9k0zi4
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 2
  loader
- Deletes itself
- Loads dropped DLL
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Latrodectus loader

Detect larodectus Loader variant 2

Deletes itself

Loads dropped DLL

Latrodectus loader

Detect larodectus Loader variant 1

Deletes itself

Loads dropped DLL

Latrodectus loader

Detect larodectus Loader variant 2

Deletes itself

Loads dropped DLL

Latrodectus loader

Detect larodectus Loader variant 1

Deletes itself

Loads dropped DLL

Latrodectus loader

Detect larodectus Loader variant 1

Deletes itself

Loads dropped DLL

Latrodectus loader

Detect larodectus Loader variant 2

Deletes itself

Loads dropped DLL

Latrodectus loader

Detect larodectus Loader variant 2

Deletes itself

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16