latrodectus | 489541a61e66ed36c56d7c7b35ed57129a9febb201efb9156420cbe9d325c9a6 | Triage

Sharing

General

Target

489541a61e66ed36c56d7c7b35ed57129a9febb201efb9156420cbe9d325c9a6.exe
Size

1.8MB
Sample

250319-h2wxcsxn17
MD5

06ba9f3ecacbca2920c8272a7719ca76
SHA1

a22039c0bcfdf41a2c2f6f37aa38e2d77f36f39a
SHA256

489541a61e66ed36c56d7c7b35ed57129a9febb201efb9156420cbe9d325c9a6
SHA512

38ba64295f030a630b0cd2f3db915743cf801d454b50a6cb36653a75384da15658682846c3ea78fe1637b5fb3ecef58a4a39e1fd4bb21cc16e4f226f78d9d27b
SSDEEP

49152:9srSb808eyLlSRqVNPseFyTJ1CLXuzYYjc8F4HcDsYfPFGMSugRP:KL1PYTI9Hco

Score

10^/10

latrodectus loader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://remustarofilac.com/test/

https://horetimodual.com/test/

Attributes

group
Ferrary
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Extracted

Family

latrodectus

aes.hex

Targets

- Target
  
  489541a61e66ed36c56d7c7b35ed57129a9febb201efb9156420cbe9d325c9a6.exe
- Size
  
  1.8MB
- MD5
  
  06ba9f3ecacbca2920c8272a7719ca76
- SHA1
  
  a22039c0bcfdf41a2c2f6f37aa38e2d77f36f39a
- SHA256
  
  489541a61e66ed36c56d7c7b35ed57129a9febb201efb9156420cbe9d325c9a6
- SHA512
  
  38ba64295f030a630b0cd2f3db915743cf801d454b50a6cb36653a75384da15658682846c3ea78fe1637b5fb3ecef58a4a39e1fd4bb21cc16e4f226f78d9d27b
- SSDEEP
  
  49152:9srSb808eyLlSRqVNPseFyTJ1CLXuzYYjc8F4HcDsYfPFGMSugRP:KL1PYTI9Hco
Score

10^/10

latrodectus loader
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusloader