latrodectus | aa85fcfa9022842d3ee68711e8abf20fa402f3f5f2cfc918d7c7ce9a30654c7b | Triage

Submit
Reports

Overview

overview

Static

static

1

6ed4c0b2e6...56f.js

windows7-x64

6ed4c0b2e6...56f.js

windows10-2004-x64

Sharing

General

Target

49ed597d3e71dee0ced6c17c9ecc5ee9.bin
Size

339KB
Sample

240914-bhc7kszcmd
MD5

25219a89f5b45aed8400df4990da0de6
SHA1

2688baa25537203b0c3b3eec39b964a7a81547e2
SHA256

aa85fcfa9022842d3ee68711e8abf20fa402f3f5f2cfc918d7c7ce9a30654c7b
SHA512

6e243fd6e250bd94b29ba17d0e1d3ee3c677c18963474fb2e1fdcbab3243a4f6b7c25f90cc42963ace1cb5cbb547674d497d2cc2e32ff848ebe89616661f1339
SSDEEP

6144:exeCATgBJCDmwL2Tat+x4dXgks6Y144oizaHZAOhYnCZ3wkxArft3IIy:egJTDDmwL2Ta0x6s6YvZzOaOyCZtxAru

Score

10^/10

latrodectus discovery execution loader

Static task

static1

Behavioral task

behavioral1

Sample

6ed4c0b2e67a048fea0163a19588d4cf3ae469b62cbf8536cb6c2a213cbfd56f.js

Resource

win7-20240903-en

latrodectus discovery execution loader

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

6ed4c0b2e67a048fea0163a19588d4cf3ae469b62cbf8536cb6c2a213cbfd56f.js

Resource

win10v2004-20240802-en

latrodectus discovery execution loader

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

latrodectus

C2

https://isomicrotich.com/test/

https://rilomenifis.com/test/

Targets

- Target
  
  6ed4c0b2e67a048fea0163a19588d4cf3ae469b62cbf8536cb6c2a213cbfd56f.js
- Size
  
  711KB
- MD5
  
  49ed597d3e71dee0ced6c17c9ecc5ee9
- SHA1
  
  235f285825ac621f16f8fc98664a1c226f1a4d68
- SHA256
  
  6ed4c0b2e67a048fea0163a19588d4cf3ae469b62cbf8536cb6c2a213cbfd56f
- SHA512
  
  94971817ecafe3bd69ba19c68162320c6d4ed403ce5e4a5841862114b76f599e87fd8552282a466d1af69fa1fedb4767c6e2f77563181924046f4fddfa3aa4c5
- SSDEEP
  
  12288:5YOoheqQXmtqSElhoXJ/r2tiT+059vIkd08brxp+0:5to8vhBE5/r/T+051Q+xpr
Score

10^/10

latrodectus discovery execution loader
- Detects Latrodectus
  Detects Latrodectus v1.4.
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusdiscoveryexecutionloader

behavioral2

latrodectusdiscoveryexecutionloader

© 2018-2025

Terms | Privacy