latrodectus | 79531def158d6fc2ead83cf2011e0dbeaba2546fee5591c87fc6d163b6718784 | Triage

Sharing

General

Target

79531def158d6fc2ead83cf2011e0dbeaba2546fee5591c87fc6d163b6718784
Size

2.2MB
Sample

250216-bj1n9svkb1
MD5

5a4affaf429945419ad3b71495f8374a
SHA1

6e9b757ad3ea0d9a87bb8f5ab270ce6c98c1b0e1
SHA256

79531def158d6fc2ead83cf2011e0dbeaba2546fee5591c87fc6d163b6718784
SHA512

727c35872f0a1246d6c820e17593e97bebdfd78e33f033946db4df075545f22b7e854f19a0f02a44ef02f20982a9de139ea2fb446344aac3768ff1ff44b7283c
SSDEEP

49152:gZzQqIEjvDQPOnR2mSBn/VSlsBCXHWfVyR:gYqky

Score

10^/10

latrodectus discovery loader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://vivaforevew.com/test/

https://wersogkiwgow.com/test/

Attributes

group
Omega
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Extracted

Family

latrodectus

aes.hex

Targets

- Target
  
  79531def158d6fc2ead83cf2011e0dbeaba2546fee5591c87fc6d163b6718784
- Size
  
  2.2MB
- MD5
  
  5a4affaf429945419ad3b71495f8374a
- SHA1
  
  6e9b757ad3ea0d9a87bb8f5ab270ce6c98c1b0e1
- SHA256
  
  79531def158d6fc2ead83cf2011e0dbeaba2546fee5591c87fc6d163b6718784
- SHA512
  
  727c35872f0a1246d6c820e17593e97bebdfd78e33f033946db4df075545f22b7e854f19a0f02a44ef02f20982a9de139ea2fb446344aac3768ff1ff44b7283c
- SSDEEP
  
  49152:gZzQqIEjvDQPOnR2mSBn/VSlsBCXHWfVyR:gYqky
Score

10^/10

latrodectus loader discovery
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusdiscoveryloader