latrodectus | 9b28bbe25a2538646ab4c9d38616aec75dfe40beab1764812b03433223931b0b | Triage

Sharing

General

Target

9b28bbe25a2538646ab4c9d38616aec75dfe40beab1764812b03433223931b0b.exe
Size

2.2MB
Sample

250217-f489cssjhv
MD5

db19545cd739771314c6ccdac332927e
SHA1

821da5c7ae41ffe12efacf73e0164ae7cd1d9bc2
SHA256

9b28bbe25a2538646ab4c9d38616aec75dfe40beab1764812b03433223931b0b
SHA512

477c2857b48ea03a13b5134af1b68194afffb631a8dd1bf6d0720944964548be8674d464394b7464eada2ac11f7d240c3473dd71597850d9b246268412c7fa83
SSDEEP

49152:2ZzQqIEjvDQPOnRdmSBn/VSlsB/XHW0xyexg1:2YYRyN1

Score

10^/10

latrodectus discovery loader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://apworsindos.com/test/

https://reminasolirol.com/test/

Attributes

group
Mimikast
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Extracted

Family

latrodectus

aes.hex

Targets

- Target
  
  9b28bbe25a2538646ab4c9d38616aec75dfe40beab1764812b03433223931b0b.exe
- Size
  
  2.2MB
- MD5
  
  db19545cd739771314c6ccdac332927e
- SHA1
  
  821da5c7ae41ffe12efacf73e0164ae7cd1d9bc2
- SHA256
  
  9b28bbe25a2538646ab4c9d38616aec75dfe40beab1764812b03433223931b0b
- SHA512
  
  477c2857b48ea03a13b5134af1b68194afffb631a8dd1bf6d0720944964548be8674d464394b7464eada2ac11f7d240c3473dd71597850d9b246268412c7fa83
- SSDEEP
  
  49152:2ZzQqIEjvDQPOnRdmSBn/VSlsB/XHW0xyexg1:2YYRyN1
Score

10^/10

latrodectus loader discovery
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusdiscoveryloader