General

  • Target

    fd5ad54b0c21f8386c093ea99812b185d762bd9dd2d7544b0f8236fdf832806b.exe

  • Size

    200KB

  • Sample

    250416-p69gksvrx9

  • MD5

    c3c94e5acafd334da735c625d2183797

  • SHA1

    bf92a2e198fa6fbde31483ce061a258d6fcb0b7f

  • SHA256

    fd5ad54b0c21f8386c093ea99812b185d762bd9dd2d7544b0f8236fdf832806b

  • SHA512

    4a4da67b4052e8853de1534265260f2aefb5a35ec704e3160eb25e4fe67233f233388c44e632edbc0bfa389339764643b7994a2db318e20640ec4d24528ba6d1

  • SSDEEP

    3072:RshfiwwJFkIZ2KzCkIRM2Uikvsp224GhBFuOwxS6spmemNLfSXUuU4:8fWJFnAkIXUiI24GhlwwzGNLfOUR4

  • Score

    10/10

Malware Config

Extracted

  • Family

    latrodectus

  • Version

    1.0

  • C2

    https://carflotyup.com/live/

    https://worlpquano.com/live/

Attributes

  • group

    Neptun

  • user_agent

    Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)

Targets

    • Score

      10/10

    • Latrodectus family

    • Latrodectus loader

      Latrodectus is a loader written in C++.

    • Deletes itself

    • Executes dropped EXE

MITRE ATT&CK Enterprise v16

Tasks