latrodectus | e94d18cb4423342defc76dc26e1a23803b54e3230b0fc773f417b09514ca7322 | Triage

Sharing

General

Target

2352-0-0x0000000180000000-0x0000000181CB2000-memory.dmp
Size

28.7MB
Sample

250209-pepm4aznhk
MD5

543302f696b5e0d62325bbf9355fd42b
SHA1

8d04ddc8147464d796c58236377c5b8876fc4067
SHA256

e94d18cb4423342defc76dc26e1a23803b54e3230b0fc773f417b09514ca7322
SHA512

f9da4e96085c2571d59822c40ea02343b49a78ce9cdf25cc0a106242fda051fea213660ee0db58c8a5db78c156198b6f6e99d830c395627494bd5e893c93eca4
SSDEEP

768:ez7vRTYS4Oi5ONdWJ7HRCRuVnjhaQu7SDqRefml4I4QDqauXj57CHf8IdF+a7dHU:ezh7eO6hHRCwhBfml4I6z5If8IiaJ0

Score

10^/10

latrodectus discovery

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://apworsindos.com/test/

https://reminasolirol.com/test/

Attributes

group
Mimikast
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Targets

- Target
  
  2352-0-0x0000000180000000-0x0000000181CB2000-memory.dmp
- Size
  
  28.7MB
- MD5
  
  543302f696b5e0d62325bbf9355fd42b
- SHA1
  
  8d04ddc8147464d796c58236377c5b8876fc4067
- SHA256
  
  e94d18cb4423342defc76dc26e1a23803b54e3230b0fc773f417b09514ca7322
- SHA512
  
  f9da4e96085c2571d59822c40ea02343b49a78ce9cdf25cc0a106242fda051fea213660ee0db58c8a5db78c156198b6f6e99d830c395627494bd5e893c93eca4
- SSDEEP
  
  768:ez7vRTYS4Oi5ONdWJ7HRCRuVnjhaQu7SDqRefml4I4QDqauXj57CHf8IdF+a7dHU:ezh7eO6hHRCwhBfml4I6z5If8IiaJ0
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2