General

  • Target

    TmOverlayIcon.dll

  • Size

    3.3MB

  • Sample

    250512-slb75atvdw

  • MD5

    31058b2f10d9d0ea0a095085f7f48419

  • SHA1

    b30fc6a47f9ad18f9051ce9b2db195465239a7ce

  • SHA256

    5f84809a778841f1dc64bc43d6bb1a822d6aa04a3ae65c5f9ad31a7fcb2cbca9

  • SHA512

    b9f76a25302f4e2be18d0b42e6e40446c6de5de726d39d35290c280bf63c5eb3279eaf113498c58a9063a39bf2c8e7c2e543f0954a6149eba73742408b4470cd

  • SSDEEP

    49152:DIU6iTGtlqufVwASO711w8ShREFa6YbqKsf6qB+birSqho4fo+Acz+P+wwOrd7:M+iDKgM6JmbIo64Gw5d7

Score
10/10

Malware Config

Extracted

Family

latrodectus

Version

1.4

C2

https://topguningit.com/test/

https://lofiramegi.com/test/

aes.hex

Targets

    • Target

      TmOverlayIcon.dll

    Score
    10/10
    • Latrodectus family

    • Latrodectus loader

      Latrodectus is a loader written in C++.

    • Blocklisted process makes network request
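A triage-side use of the indicators above, as an added example that is not part of the sandbox report: the script hashes a file with the four algorithms the report lists and sweeps proxy log lines for requests to the two extracted C2 URLs. The hash values and C2 URLs are copied from the report; the log lines and their column layout (timestamp, client, method, URL, status) are constructed for the demo and are an assumption about the log source. Host matching is exact so that lookalike domains ending in the C2 host do not fire, while case and a missing trailing slash are tolerated.

```python
"""Check local artefacts against the IOCs in this Latrodectus report.

Added example, not part of the sandbox report. The hash values and C2 URLs
are copied from the report; the proxy log lines and their format are
constructed for this demonstration.
"""
import hashlib
import re
from urllib.parse import urlsplit

# File hashes copied from the report's General section.
FILE_HASHES = {
    "md5": "31058b2f10d9d0ea0a095085f7f48419",
    "sha1": "b30fc6a47f9ad18f9051ce9b2db195465239a7ce",
    "sha256": "5f84809a778841f1dc64bc43d6bb1a822d6aa04a3ae65c5f9ad31a7fcb2cbca9",
    "sha512": "b9f76a25302f4e2be18d0b42e6e40446c6de5de726d39d35290c280bf63c5eb3279eaf113498c58a9063a39bf2c8e7c2e543f0954a6149eba73742408b4470cd",
}

# C2 URLs copied from the extracted config.
C2_URLS = [
    "https://topguningit.com/test/",
    "https://lofiramegi.com/test/",
]

# Constructed proxy log lines (assumed layout): "<timestamp> <client> <method> <url> <status>".
SAMPLE_LOG = [
    "2025-05-12T09:14:03Z 10.0.5.23 GET https://topguningit.com/test/ 200",
    "2025-05-12T09:14:05Z 10.0.5.23 GET https://www.example.com/ 200",
    "2025-05-12T09:15:11Z 10.0.5.41 POST HTTPS://LOFIRAMEGI.COM/test 404",
    "2025-05-12T09:16:00Z 10.0.5.23 GET https://topguningit.com.lookalike.example/test/ 200",
    "2025-05-12T09:16:30Z 10.0.5.23 GET https://topguningit.com/testing/ 200",
    "garbage line that does not parse",
]

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+(?P<status>\d{3})$"
)


def hash_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists so any one of them can be compared."""
    return {name: hashlib.new(name, data).hexdigest() for name in FILE_HASHES}


def matches_sample(data: bytes) -> bool:
    """True only if every listed digest matches; one algorithm would be enough to
    flag, but requiring all of them guards against a copy-paste error in one IOC."""
    digests = hash_bytes(data)
    return all(digests[alg] == expected for alg, expected in FILE_HASHES.items())


def normalise_url(url: str) -> tuple:
    """Reduce a URL to (host, path): scheme-less URLs and upper-case hosts are
    accepted, the host is lower-cased, and the path gets a trailing slash so that
    '/test' and '/test/' compare equal."""
    url = url.strip()
    if "://" not in url:
        url = "//" + url  # let urlsplit see the host part of "host/path"
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path or "/"
    if not path.endswith("/"):
        path += "/"
    return host, path


def is_c2_request(url: str) -> bool:
    """Exact-host match plus path prefix: lookalike domains that merely end in the
    C2 host, or paths such as /testing/, are not hits."""
    host, path = normalise_url(url)
    for c2 in C2_URLS:
        c2_host, c2_path = normalise_url(c2)
        if host == c2_host and path.startswith(c2_path):
            return True
    return False


def find_c2_hits(log_lines) -> list:
    """Return (timestamp, client, host) for every parseable line that reached a C2."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the sweep
        if is_c2_request(m["url"]):
            hits.append((m["ts"], m["src"], normalise_url(m["url"])[0]))
    return hits


if __name__ == "__main__":
    for ts, src, host in find_c2_hits(SAMPLE_LOG):
        print(f"{ts} {src} contacted Latrodectus C2 {host}")
```

On the constructed lines only the first and third entries are reported: the upper-cased host and the missing trailing slash are normalised away, while the lookalike domain and the `/testing/` path are left alone. To check a file on disk, read it as bytes and pass it to `matches_sample`.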

MITRE ATT&CK Matrix

Tasks