latrodectus | 937d07239cbfee2d34b7f1fae762ac72b52fb2b710e87e02fa758f452aa62913 | Triage

Resubmissions

10-05-2024 14:01

240510-rbxweada85 10

09-05-2024 13:07

240509-qc3mlsba7w 10

Sharing

General

Target

Form_W-9_Ver-i40_53b043910-86g91352u7972-6495q3.js
Size

467KB
Sample

240510-rbxweada85
MD5

6682dc1281579bd8789a8d2c09ca4251
SHA1

67bb21c9665fc12d8dc6ef2ac775c3f6274bd0ed
SHA256

937d07239cbfee2d34b7f1fae762ac72b52fb2b710e87e02fa758f452aa62913
SHA512

629219ec7dd6d1ca529daabeffe7b4430467d089054876c203d7be9979c32bb6d01901d018d88a81699ae18ba1be1421ec5fcbea6610f3e96953b1ab07b048bb
SSDEEP

6144:I/sTY54eD0MDV96cPh7siYttNfIR3zKEyX90q+jTEkyZxUwwkykmQmByuPatD/ey:8uu96FjIR3MN24Uk1

Score

10^/10

latrodectus execution loader persistence

Malware Config

Extracted

Family

latrodectus

C2

https://workspacin.cloud/live/

https://illoskanawer.com/live/

Targets

- Target
  
  Form_W-9_Ver-i40_53b043910-86g91352u7972-6495q3.js
- Size
  
  467KB
- MD5
  
  6682dc1281579bd8789a8d2c09ca4251
- SHA1
  
  67bb21c9665fc12d8dc6ef2ac775c3f6274bd0ed
- SHA256
  
  937d07239cbfee2d34b7f1fae762ac72b52fb2b710e87e02fa758f452aa62913
- SHA512
  
  629219ec7dd6d1ca529daabeffe7b4430467d089054876c203d7be9979c32bb6d01901d018d88a81699ae18ba1be1421ec5fcbea6610f3e96953b1ab07b048bb
- SSDEEP
  
  6144:I/sTY54eD0MDV96cPh7siYttNfIR3zKEyX90q+jTEkyZxUwwkykmQmByuPatD/ey:8uu96FjIR3MN24Uk1
Score

10^/10

execution latrodectus loader persistence
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 2
  loader
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

latrodectusexecutionloaderpersistence