latrodectus | b9dbe9649c761b0eee38419ac39dcd7e90486ee34cd0eb56adde6b2f645f2960 | Triage

Submit
Reports

Overview

overview

Static

static

1

slack.msi

windows10-2004-x64

Sharing

General

Target

slack.msi
Size

1.5MB
Sample

240725-nvpscsxakm
MD5

3703f47cfa7ce06c14374f173c68daf0
SHA1

11826292538317a69ffffac6fde43418af10c91c
SHA256

b9dbe9649c761b0eee38419ac39dcd7e90486ee34cd0eb56adde6b2f645f2960
SHA512

8126b9819d588253588b360b21a8ec0fbf12e90f7d7c7d8f01c81b730d7993409ef4c7ce044b3bdc066f745d4fd471fb2bd93fb7d8e7565f67d4e086622dce4b
SSDEEP

24576:dFdxLNvYBSMvZCFlp8zBQSc0ZoCvqKwx0ECIgYmfLVYeBZr7AmAyTicXFyiYlHfe:dFtvY/W8zBQSc0ZnSKeZKumZr7AByIi+

Score

10^/10

latrodectus discovery loader persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

slack.msi

Resource

win10v2004-20240709-en

latrodectus discovery loader persistence privilege_escalation

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

latrodectus

C2

https://titnovacrion.top/live/

https://skinnyjeanso.com/live/

Targets

- Target
  
  slack.msi
- Size
  
  1.5MB
- MD5
  
  3703f47cfa7ce06c14374f173c68daf0
- SHA1
  
  11826292538317a69ffffac6fde43418af10c91c
- SHA256
  
  b9dbe9649c761b0eee38419ac39dcd7e90486ee34cd0eb56adde6b2f645f2960
- SHA512
  
  8126b9819d588253588b360b21a8ec0fbf12e90f7d7c7d8f01c81b730d7993409ef4c7ce044b3bdc066f745d4fd471fb2bd93fb7d8e7565f67d4e086622dce4b
- SSDEEP
  
  24576:dFdxLNvYBSMvZCFlp8zBQSc0ZoCvqKwx0ECIgYmfLVYeBZr7AmAyTicXFyiYlHfe:dFtvY/W8zBQSc0ZnSKeZKumZr7AByIi+
Score

10^/10

latrodectus discovery loader persistence privilege_escalation
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Detect larodectus Loader variant 2
  loader
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusdiscoveryloaderpersistenceprivilege_escalation

© 2018-2025

Terms | Privacy