latrodectus | 25c47009be94c92f2c0e1c4c2d8a85df40d9e5efcadf20b55d330e786310d75d

Analysis

max time kernel
94s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
14-11-2024 14:36

Target

sample.dll
Size

1.6MB
MD5

d5c83fb50dfea0d0e33584ac228b4036
SHA1

f0d42f81e73f4b49985c3a2a547987771cb3b6a9
SHA256

69a1709290bf91fd4a5c81eb78b18e22b312a3517db4651659c4c8a98782b769
SHA512

9b9b8953450697afe85bf7e80a4a624428eec5433e65128e19364886950ba6ce16a74e787cba16739388ba1c2135354af9500b37bac98951a300ec19ba997765
SSDEEP

24576:OZUojo622mgFSgT95BG1Dod9eIJb6/Y9rQcZ9pIkh4bdY59ed2ABHSm0j:OiW22vFR5s1HIVCY9kQ9SkmbyedjBp0j

Score

10^/10

Detects Latrodectus 1 IoCs

Detects Latrodectus v1.4 Payload.

resource	yara_rule
behavioral2/memory/3324-0-0x000001740BDF0000-0x000001740DAA3000-memory.dmp	Latrodectus14

Latrodectus family
latrodectus
Latrodectus loader
Latrodectus is a loader written in C++.
loader latrodectus

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\sample.dll,#1
1⤵
PID:3324

memory/3324-0-0x000001740BDF0000-0x000001740DAA3000-memory.dmp

Filesize
28.7MB

Download