latrodectus | 5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8 | Triage

Submit
Reports

Overview

overview

Static

static

3

5e7b8f81ce...d8.dll

windows10-2004-x64

Resubmissions

10-04-2024 04:28

240410-e3qvysda77 10

19-12-2023 11:50

231219-nztl4sfhe9 3

Sharing

General

Target

5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8
Size

1.8MB
Sample

240410-e3qvysda77
MD5

1cf72e954ed000c16e5cc327e91bdde4
SHA1

39acb9bf780d195cb9308f3f7d48d9a2e0ac6979
SHA256

5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8
SHA512

e84a447dc86fb67348cba47d48cee59088a6bbcf7086ffa91920727027e40106892769279fba27ea502e29afde48dddf971ef08418cb7a410dbc7eb2e3961fdd
SSDEEP

24576:7znngr4eig/HxkaoDFITvg9iLXYgIcjGNz5139EOapmIpniJ:7z64gxnoRGI9MXFrjGxNEOapmIpn

Score

10^/10

latrodectus discovery loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8.dll

Resource

win10v2004-20231215-en

latrodectus discovery loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Extracted

Family

latrodectus

C2

https://arsimonopa.com/live/

https://lemonimonakio.com/live/

Targets

- Target
  
  5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8
- Size
  
  1.8MB
- MD5
  
  1cf72e954ed000c16e5cc327e91bdde4
- SHA1
  
  39acb9bf780d195cb9308f3f7d48d9a2e0ac6979
- SHA256
  
  5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8
- SHA512
  
  e84a447dc86fb67348cba47d48cee59088a6bbcf7086ffa91920727027e40106892769279fba27ea502e29afde48dddf971ef08418cb7a410dbc7eb2e3961fdd
- SSDEEP
  
  24576:7znngr4eig/HxkaoDFITvg9iLXYgIcjGNz5139EOapmIpniJ:7z64gxnoRGI9MXFrjGxNEOapmIpn
Score

10^/10

latrodectus discovery loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 1
  loader
- Blocklisted process makes network request
- Deletes itself
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusdiscoveryloader

© 2018-2025

Terms | Privacy