latrodectus | 7aceb3a8567e2ff21ea95b78cb0c450531ba106cfe7ca83a1d02eea6f79ffbaf | Triage

Sharing

General

Target

latro_unpacked.zip
Size

24KB
Sample

241226-14p6psspdt
MD5

4a4381d0371dfbf71d2b3372aad3cde1
SHA1

5e93823bb9fa9d55af0c05fd507295496f4cc5c1
SHA256

7aceb3a8567e2ff21ea95b78cb0c450531ba106cfe7ca83a1d02eea6f79ffbaf
SHA512

9a39ae8d7cfa3ddbce98dbdfa34168e4925b685ce3918576dc86c526ad6cfc25c51427ef843b1439d121bd75c0b6b25c3dca21838bb8c4505dea838e6029722b
SSDEEP

384:OxCrus8+l6jBq51p72T1GmbRQiHq7jCoENhUzhRkryzEw/VGqb4XoNks+/fHn:iCrupM6NqTtCFb7ICnhKRkeEwMqXHA

Score

10^/10

latrodectus loader

Malware Config

Extracted

Family

latrodectus

C2

https://workspacin.cloud/live/

https://qaliharsit.tech/live/

Extracted

Family

latrodectus

Version

1.0

C2

https://workspacin.cloud/live/

https://qaliharsit.tech/live/

Attributes

group
Electrol
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

Targets

- Target
  
  Latrodectus/3be9e476da2e99adbc49591cbc94b4d9/payload/payload.exe
- Size
  
  80KB
- MD5
  
  521b30198e623b6fde8522d5cad39bac
- SHA1
  
  83b6df3883c7edd33ad3211ca44b67cd876e82e5
- SHA256
  
  e3362e506873d4128939b059190292193999da14687c2418be2742d623dd9ecb
- SHA512
  
  6ee6078b969f44e5150e711637ca9f0b40d359205b4b7b4cf50ff3e1ee1ead4813777b7cf7b4b3497891feee83681cef0d82a3061cb58cedc66223d71aaba5b8
- SSDEEP
  
  1536:oTgwOVoh9lvE0ksFBaGxD7odf8+kvYNNvn:oTgmm0ks3hEk+k+n
Score

10^/10

latrodectus loader
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Deletes itself
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader