latrodectus | 3dc2a2370cb35fd28b7c862c368a8417870fd92960153963386f692ddbbd770b | Triage

Sharing

General

Target

21313789022.zip
Size

851KB
Sample

250212-yab1wawmay
MD5

c252ba961ac58a438922dde45642b759
SHA1

d5f8f16a792b99a0c08a461e0da8aa04dad0d2cd
SHA256

3dc2a2370cb35fd28b7c862c368a8417870fd92960153963386f692ddbbd770b
SHA512

dc5146050a500e4ed7cfe9900e31d4e62ca711f91e3ccf896018082c6f183168587c5ad6961fab250faa08145ed453772ab0984d42f9e577a5c756b03f32bc9e
SSDEEP

24576:JTYi+PLu5omMvdARviIRyxM1IOO+71RuENbf:2i+PlPvdbIRyi1IO5hRpNbf

Score

10^/10

latrodectus discovery loader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://vivaforevew.com/test/

https://wersogkiwgow.com/test/

Attributes

group
Omega
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Extracted

Family

latrodectus

aes.hex

Targets

- Target
  
  07e40b47338cc06bb52bfd8782f17a0ba919c3d62d75831a06958b38c7e4fc9a
- Size
  
  2.2MB
- MD5
  
  470f98f04ad558704ddd38289da57f9c
- SHA1
  
  6021d2f22d7302547b49e06e4f5e5d9c2d6ced27
- SHA256
  
  07e40b47338cc06bb52bfd8782f17a0ba919c3d62d75831a06958b38c7e4fc9a
- SHA512
  
  addfd25d24fe27986c757a9bf87027371f2fea7025cd491596bc12c4c760960190126fed8985173e768092e313a695f396c420973a0077d0804de118efc14a55
- SSDEEP
  
  49152:gZzQqIEjvDQPOnR2mSBn/VSlsBCXHWfVyR:gYqky
Score

10^/10

latrodectus loader discovery
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusdiscoveryloader