General

  • Target: 649e2d.msi
  • Size: 5.0MB
  • Sample: 250416-nc6m6avmv4
  • MD5: 4b7e693cd154ff08ba9593fab4f8cf77
  • SHA1: be928f3d6903df2740c98a611ea204d940d61509
  • SHA256: aef5c150cfe8154ed290b293e30d552cfb9b40b3552369345c7c2f135b63aac4
  • SHA512: 169cc10d089134df9f8910185a8674f36649a3e02450569b9a7b718edd500575859a86654d8b284f9f44520db8f93d645a8b2c1dd6c3b47d2f480a5cc93dc613
  • SSDEEP: 98304:6YVK/AKIO+9ryVzg+VojBTg3rsY0QuJGz85yil6FTPpAX2uV50cVrhE0:++9VjBTQrx18EikFTpi6aG0

Malware Config

Extracted

  • Family: latrodectus
  • Version: 1.4
  • C2:
      https://carflotyup.com/test/
      https://architrata.com/test/
  • aes.hex

Targets

    • Detects Latrodectus: Detects Latrodectus v1.4.
    • Latrodectus family
    • Latrodectus loader: Latrodectus is a loader written in C++.
    • Blocklisted process makes network request
    • Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks