General

  • Target

    tab.dll.exe

  • Size

    1.6MB

  • Sample

    241113-vvt6eawdnc

  • MD5

    4f4a164b5f9ef20be601531a727179a2

  • SHA1

    1601622dc7caef28ce413e1d73b4d4596aabfc50

  • SHA256

    0f23855e56eb6ec760717be43280eeeeaec1aeef939f9ae6a41daf1b8e3bd306

  • SHA512

    de09d9f0048a19c7efa7ffae01f58c41e619e09e6ec56e4b818b58846672a0772c58913ba5ad4c86b746d91399894a21bf51225c1737a0652b1c85ffa3307030

  • SSDEEP

    24576:87u7nB/DBD9accSqVO9y/QaD74F3Zux5UDJpbD52hCvrHbvLz:8y/DBD9MVO9yos0F345UTbDukHvL

Malware Config

Extracted

Family

latrodectus

C2

https://rolefenik.com/test/

https://ergiholim.com/test/

Targets

    • Brute Ratel C4

      A customized command and control framework for red teaming and adversary simulation.

    • Bruteratel family

    • Detect BruteRatel badger

    • Detects Latrodectus

      Detects Latrodectus v1.4.

    • Latrodectus family

    • Latrodectus loader

      Latrodectus is a loader written in C++.

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks