latrodectus | 52a81e514d1113019f39273179f691379fbb78cd70a370aea22a00397cef5b99 | Triage

Sharing

General

Target

52a81e514d1113019f39273179f691379fbb78cd70a370aea22a00397cef5b99.exe
Size

1.8MB
Sample

250319-da9a6avny4
MD5

22e933c9c5532d13fbcae3d9f2080c35
SHA1

6311eb48932a5544cbe3c2c2fe2b036231432bd4
SHA256

52a81e514d1113019f39273179f691379fbb78cd70a370aea22a00397cef5b99
SHA512

20a4d7d2328332dc017fd4ced63c8efc45ac90d749db06345422749545cd4391682d37a01b9a91b21b5e70f1f8c8006c80b7e35ed696a239f76911ddf50ed5ac
SSDEEP

49152:9srSb808eyLlSRqVNPseFyTJ1CLXuzYYjc8F4HcDsYfPFGMSugRP:KL1PYTI9Hco

Score

10^/10

latrodectus loader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://remustarofilac.com/test/

https://horetimodual.com/test/

Attributes

group
Ferrary
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Extracted

Family

latrodectus

aes.hex

Targets

- Target
  
  52a81e514d1113019f39273179f691379fbb78cd70a370aea22a00397cef5b99.exe
- Size
  
  1.8MB
- MD5
  
  22e933c9c5532d13fbcae3d9f2080c35
- SHA1
  
  6311eb48932a5544cbe3c2c2fe2b036231432bd4
- SHA256
  
  52a81e514d1113019f39273179f691379fbb78cd70a370aea22a00397cef5b99
- SHA512
  
  20a4d7d2328332dc017fd4ced63c8efc45ac90d749db06345422749545cd4391682d37a01b9a91b21b5e70f1f8c8006c80b7e35ed696a239f76911ddf50ed5ac
- SSDEEP
  
  49152:9srSb808eyLlSRqVNPseFyTJ1CLXuzYYjc8F4HcDsYfPFGMSugRP:KL1PYTI9Hco
Score

10^/10

latrodectus loader
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusloader