General

  • Target

    FixSfp.exe

  • Size

    1.1MB

  • Sample

    250129-wjjqzatnhp

  • MD5

    c4738b7ee108e1cfd0619cf740f458e0

  • SHA1

    01c40a43bdf3bb2edfa4b9aa039439a47e9edc6d

  • SHA256

    6ada7b6d8b6ddf3ebe61d3bf19e70bb5a2a9f22d871d217b1ade7c40c3aac088

  • SHA512

    4c4a68739593e02c3997905ab10e7492b64f288a39211a81797cadaf2432aa90f94874e83520bbb149810e04fdc0e401eac30d10402b5c5822887f3b9cbbf2cb

  • SSDEEP

    24576:xFdIR2uJMaFHaNfZq8gGl6kyhyjIVQGu7DTYHeNYiDXnYgU8:xko6MaFPE6kRjIVQG4Ds+aJm

Score
10/10

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://piloferstaf.com/test/

https://ypredoninen.com/test/

Attributes
  • group

    Sigma

  • user_agent

    Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex
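The two C2 URLs and the user-agent string above come straight out of the sample's embedded configuration, so exact matches are usable network indicators. As an added example (not part of the sandbox report), the following Python runs those indicators over constructed proxy-log lines and grades each hit; the log line layout, the sample lines and the severity tiers are assumptions made for the illustration.

```python
"""Match the Latrodectus C2 hosts and user agent from the extracted config
against proxy logs. Added example; the log format and sample lines are
constructed for illustration and are not from the report."""
import re
from urllib.parse import urlparse

# IOCs copied from the Malware Config section of this report.
C2_URLS = [
    "https://piloferstaf.com/test/",
    "https://ypredoninen.com/test/",
]
USER_AGENT = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)"

C2_HOSTS = {urlparse(u).hostname for u in C2_URLS}

# Constructed sample log lines (assumed layout):
# <unix_ts> <client_ip> <method> <url> "<user_agent>"
SAMPLE_LOGS = '''\
1738200001.123 10.0.0.5 GET https://www.microsoft.com/en-us/ "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Edge/121"
1738200002.456 10.0.0.7 POST https://piloferstaf.com/test/ "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)"
1738200003.789 10.0.0.9 POST https://example.org/api/ "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)"
1738200004.012 10.0.0.7 POST https://ypredoninen.com/test/ "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)"
1738200005.345 10.0.0.11 GET https://piloferstaf.com/ "Mozilla/5.0 (X11; Linux x86_64) Firefox/122"
'''

LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<client>\S+) (?P<method>\S+) (?P<url>\S+) "(?P<ua>[^"]*)"$'
)


def classify(line):
    """Return the client, host and matched indicator names for one log line,
    or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    host = urlparse(m["url"]).hostname
    reasons = []
    if host in C2_HOSTS:
        reasons.append("c2_host")
    if m["ua"] == USER_AGENT:      # exact match: the UA is hardcoded in the config
        reasons.append("latrodectus_ua")
    return {"client": m["client"], "host": host, "reasons": reasons}


def severity(reasons):
    """Assumed triage tiers: host plus UA is a confident beacon; the UA alone
    is still odd enough to chase (no real browser sends 'Tob 1.1'); the host
    alone may be a crawler or an analyst touching the domain."""
    if "c2_host" in reasons and "latrodectus_ua" in reasons:
        return "high"
    if "latrodectus_ua" in reasons:
        return "medium"
    return "low"


def scan(text):
    """Return every parsed line that matched at least one indicator."""
    hits = []
    for line in text.splitlines():
        r = classify(line)
        if r and r["reasons"]:
            hits.append(r)
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_LOGS):
        print(severity(h["reasons"]), h["client"], h["host"], h["reasons"])
```

On the constructed lines this flags four events: two high (both hosts contacted by 10.0.0.7 with the malware's user agent), one medium (the user agent alone against an unrelated host) and one low (a plain GET to a C2 domain with a normal browser UA). The medium tier matters in practice because the operators can rotate C2 domains between builds while the user-agent string stays in the binary.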

Targets

    • Target

      FixSfp.exe

    • Latrodectus family

    • Latrodectus loader

      Latrodectus is a loader written in C++.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks