latrodectus | 2674b6d7c8da0c3be4a2203f9d7ad48875869585a6e325ff7a36926771803d95 | Triage

Sharing

General

Target

Google_Auth_18403646217.zip
Size

6.2MB
Sample

240730-n3v94sxepn
MD5

4673783e12ce605587dedd85fbc3e277
SHA1

7004176cfa95f7e704b43f6eaa81625fcd801105
SHA256

2674b6d7c8da0c3be4a2203f9d7ad48875869585a6e325ff7a36926771803d95
SHA512

1b7c1c847d327a3383dde3358dfc0583e5c36857b2f64d7bdbf765b9ad8649a24c94b5c124641997b5fc772490ccbb17f963c1059d37e62f8a8716af714a9ce0
SSDEEP

196608:czKQX48daVMQpOi3S4Sbvy1TpkQq0YvNPvcukcA:cP4HVMQcrRcCQZWdc1

Score

10^/10

latrodectus discovery loader

Malware Config

Extracted

Family

latrodectus

C2

https://spikeliftall.com/live/

https://godfaetret.com/live/

Targets

- Target
  
  62536e1486be7e31df6c111ed96777b9e3f2a912a2d7111253ae6a5519e71830
- Size
  
  6.3MB
- MD5
  
  db60dc357835c7379091e4f54c2f6f0e
- SHA1
  
  e9ecdb514686ba2707e2a6e4d8e8b28a06596d88
- SHA256
  
  62536e1486be7e31df6c111ed96777b9e3f2a912a2d7111253ae6a5519e71830
- SHA512
  
  0116b2817fa9295cf69490a2020b82d9d6157268f227feedcd74bc23246182a8de2c88a48bd1a25cfa3051a2fbafa2be3b5959e3be8f02ab379f15b8e1558c7b
- SSDEEP
  
  98304:E08tPgotZXlKbXynnR6a8SPgJevPQ+pit+IaGcYVUFwBRXAn6l7CgTV8+pYIKu5W:EJLQXynRea3PQ+ppYVUFKRQL+u/uNm
Score

10^/10

latrodectus discovery loader
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusdiscoveryloader

behavioral2

latrodectusdiscoveryloader