latrodectus | 86e376774660522aeafc1182dfd1ea7af602bee39de78c44ffbfa5a4ab109cec | Triage

Submit
Reports

Overview

overview

Static

static

3

UPDATE-HSY...ml.lnk

windows7-x64

UPDATE-HSY...ml.lnk

windows10-2004-x64

version1.dll

windows7-x64

1

version1.dll

windows10-2004-x64

1

Resubmissions

08-04-2024 21:40

240408-1h8qxsfh61 10

08-04-2024 20:47

240408-zkt5wabe38 10

Sharing

General

Target

malware1.zip
Size

328KB
Sample

240408-zkt5wabe38
MD5

e2c12dd95d363eed8b39aeb7c7acca0a
SHA1

a5e14343d30825e9cdc5bd239a601b79b12e536b
SHA256

86e376774660522aeafc1182dfd1ea7af602bee39de78c44ffbfa5a4ab109cec
SHA512

2d509affc35d1ce170aedbd7b40768d2a2cb7800b78ffc54bf8fbfa5302fbf86be2738dbf2b9d6509b8421cb7298e259cf791faed15f636b3b1bad2198cac2ca
SSDEEP

6144:VZkq1C4Sn3ZTJdpB0Tv6Qp5bbAi3rH5dVqaeKW3HTPeo:c8OZzQGyAw+7eo

Score

10^/10

latrodectus loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

UPDATE-HSYEYDBB.html.lnk

Resource

win7-20240221-en

latrodectus loader

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

UPDATE-HSYEYDBB.html.lnk

Resource

win10v2004-20240226-en

latrodectus loader

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral3

Sample

version1.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

version1.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

latrodectus

C2

https://mazdakrichest.com/live/

https://riverhasus.com/live/

Targets

- Target
  
  UPDATE-HSYEYDBB.html.lnk
- Size
  
  1KB
- MD5
  
  564896c159f0d7c086d0d5bc966959d3
- SHA1
  
  b63dadc4d961995a77a9c183c809321e5564da60
- SHA256
  
  db03a34684feab7475862080f59d4d99b32c74d3a152a53b257fd1a443e8ee77
- SHA512
  
  fb9ca2821f15f9946770fb29dfcd3724a868af27b998cd0191135ef11e38b7d5a1c8214fb37e178b1ed68fe6d3ae828acf43d9f5243d753ba58f5361f6c8398f
Score

10^/10

latrodectus loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 1
  loader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  version1.dll
- Size
  
  1.4MB
- MD5
  
  f834dfc1861cd6361f34496c3bbafe66
- SHA1
  
  a983e82d009901310c8a3255c4b4e3a02d556fa7
- SHA256
  
  e99f3517a36a9f7a55335699cfb4d84d08b042d47146119156f7f3bab580b4d7
- SHA512
  
  088a6170c948ddb2c2b0cf2431ae61688201ef5bc3f1af217a58bf18b26dd9e0ab7ee082f822e736d0467f62e33bf71b806127eb998bed8e739c1e441ac05e00
- SSDEEP
  
  12288:kX/1RzJk1HRqZr4y6mLsM5k6tQqNaCPWIzv:+XzJk1HwZL6GQCPP
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusloader

behavioral3

behavioral4

© 2018-2025

Terms | Privacy