Analysis Overview
Score: 10/10
SHA256: 69af1d10dd1dacae362ab8fd4e5bcc97ddb363cdeb06a4bf1bc3db4dfc68b1e1
Threat Level: Known bad
The file mwtsp.dll was found to be: Known bad.
Malicious Activity Summary
Latrodectus family
Latrodectus loader
Blocklisted process makes network request
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported: 2025-05-16 16:38
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted: 2025-05-16 16:38
Reported: 2025-05-16 16:44
Platform: win10ltsc2021-20250425-de
Max time kernel: 199s
Max time network: 213s
Command Line
rundll32.exe C:\Users\Admin\AppData\Local\Temp\mwtsp.dll,zlqdwWLMkVsgIO
Signatures
Latrodectus family
Latrodectus loader
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\mwtsp.dll,zlqdwWLMkVsgIO
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 172.217.16.227:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | daringdesigners.com | udp |
| US | 104.21.0.84:443 | daringdesigners.com | tcp |
| US | 8.8.8.8:53 | domtrst455.com | udp |
| US | 172.67.219.126:443 | domtrst455.com | tcp |
Files
memory/5444-3-0x0000022794C00000-0x00000227968B2000-memory.dmp
memory/5444-0-0x0000022794C00000-0x00000227968B2000-memory.dmp