latrodectus | b23962c407c203d636dc03c8c0ab5b629ebc3cbe8464d9cc66713c82cca3d3bc | Triage

Sharing

General

Target

b23962c407c203d636dc03c8c0ab5b629ebc3cbe8464d9cc66713c82cca3d3bcN.exe
Size

2.2MB
Sample

250216-fm9tkatlhj
MD5

0785848633143abf9af51eb44b85ad40
SHA1

ce4fed77393a6654613454add65397dbced319a3
SHA256

b23962c407c203d636dc03c8c0ab5b629ebc3cbe8464d9cc66713c82cca3d3bc
SHA512

2ccfa11cbf3a91db446f97a8ee24ae9c8e3609cf04059f7c14053357c8dc97ab4a8abaf76e4074ed1accc072396647aca5f296d2e64b4f0a09c0d0adda2793e9
SSDEEP

49152:gZzQqIEjvDQPOnR2mSBn/VSlsBCXHWfVyR:gYqky

Score

10^/10

latrodectus discovery loader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://vivaforevew.com/test/

https://wersogkiwgow.com/test/

Attributes

group
Omega
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Extracted

Family

latrodectus

aes.hex

Targets

- Target
  
  b23962c407c203d636dc03c8c0ab5b629ebc3cbe8464d9cc66713c82cca3d3bcN.exe
- Size
  
  2.2MB
- MD5
  
  0785848633143abf9af51eb44b85ad40
- SHA1
  
  ce4fed77393a6654613454add65397dbced319a3
- SHA256
  
  b23962c407c203d636dc03c8c0ab5b629ebc3cbe8464d9cc66713c82cca3d3bc
- SHA512
  
  2ccfa11cbf3a91db446f97a8ee24ae9c8e3609cf04059f7c14053357c8dc97ab4a8abaf76e4074ed1accc072396647aca5f296d2e64b4f0a09c0d0adda2793e9
- SSDEEP
  
  49152:gZzQqIEjvDQPOnR2mSBn/VSlsBCXHWfVyR:gYqky
Score

10^/10

latrodectus loader discovery
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusdiscoveryloader