latrodectus | 1bff045153c2e636bff3f688cf8fd8c524362a1b812e4821f379d64453ef8dbe | Triage

Sharing

General

Target

1bff045153c2e636bff3f688cf8fd8c524362a1b812e4821f379d64453ef8dbe.exe
Size

1.8MB
Sample

250320-cs1ajavkz9
MD5

e9c0510e88682f6c354ddd267fcd2ac0
SHA1

5a4295f88e2a73f57c04566f84480bf5ee8e6d8c
SHA256

1bff045153c2e636bff3f688cf8fd8c524362a1b812e4821f379d64453ef8dbe
SHA512

12c2bfbfc43e71851470abc4ea6e364d7745f4e0a4da2d88e3e79edc911b7f6a583d29c7c86b62eceecf656bfe49121fa2057402f8ae73eddaf7fcaac3a0d5bb
SSDEEP

49152:9srSb808eyLlSRqVNPseFyTJ1CLXuzYYjc8F4HcDsYfPFGMSugRP:KL1PYTI9Hco

Score

10^/10

latrodectus loader

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://remustarofilac.com/test/

https://horetimodual.com/test/

Attributes

group
Ferrary
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

aes.hex

Extracted

Family

latrodectus

aes.hex

Targets

- Target
  
  1bff045153c2e636bff3f688cf8fd8c524362a1b812e4821f379d64453ef8dbe.exe
- Size
  
  1.8MB
- MD5
  
  e9c0510e88682f6c354ddd267fcd2ac0
- SHA1
  
  5a4295f88e2a73f57c04566f84480bf5ee8e6d8c
- SHA256
  
  1bff045153c2e636bff3f688cf8fd8c524362a1b812e4821f379d64453ef8dbe
- SHA512
  
  12c2bfbfc43e71851470abc4ea6e364d7745f4e0a4da2d88e3e79edc911b7f6a583d29c7c86b62eceecf656bfe49121fa2057402f8ae73eddaf7fcaac3a0d5bb
- SSDEEP
  
  49152:9srSb808eyLlSRqVNPseFyTJ1CLXuzYYjc8F4HcDsYfPFGMSugRP:KL1PYTI9Hco
Score

10^/10

latrodectus loader
- Latrodectus family
  latrodectus
- Latrodectus loader
  Latrodectus is a loader written in C++.
  loader latrodectus
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latrodectusloader

behavioral2

latrodectusloader