Overview

overview

10

Static

static

1

DLPAgent.msi

windows10-2004-x64

10

DLPAgent.msi

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DLPAgent.msi

  • Size

    2.1MB

  • Sample

    240920-xbrbhs1hln

  • MD5

    d75db138a6519ace7795ba35ea62a498

  • SHA1

    dc8ec40f846dd55be5661d43a80acb4d442f6cd3

  • SHA256

    1b9e17bfbd292075956cc2006983f91e17aed94ebbb0fb370bf83d23b14289fa

  • SHA512

    eeef3b0620cfbd332110b8123e2548b8b6a6b4d2259932463755aae2569440a8807eed7a5b5274b9bb01cde7604bc7aeb560b606609d7fc885cd97621c9106c1

  • SSDEEP

    49152:56s3YhW8zBQSc0ZnSKSZKumZr7AKMLQanYBQDpridgYaU:HYY0ZnQK/AvL8BpgPU

Score
10/10
latrodectusdiscoveryloaderpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      DLPAgent.msi

    • Size

      2.1MB

    • MD5

      d75db138a6519ace7795ba35ea62a498

    • SHA1

      dc8ec40f846dd55be5661d43a80acb4d442f6cd3

    • SHA256

      1b9e17bfbd292075956cc2006983f91e17aed94ebbb0fb370bf83d23b14289fa

    • SHA512

      eeef3b0620cfbd332110b8123e2548b8b6a6b4d2259932463755aae2569440a8807eed7a5b5274b9bb01cde7604bc7aeb560b606609d7fc885cd97621c9106c1

    • SSDEEP

      49152:56s3YhW8zBQSc0ZnSKSZKumZr7AKMLQanYBQDpridgYaU:HYY0ZnQK/AvL8BpgPU

    Score
    10/10
    latrodectusdiscoveryloaderpersistenceprivilege_escalation

    • Detects Latrodectus

      Detects Latrodectus v1.4.

    • Latrodectus loader

      Latrodectus is a loader written in C++.

      loaderlatrodectus

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks