latentbot | 615d8f481c6e1f11ce8ffb24900738c38b8df265489040ea88bfe8b52fd62369 | Triage

Submit
Reports

Overview

overview

Static

static

3

615d8f481c...69.exe

windows7-x64

615d8f481c...69.exe

windows10-2004-x64

Sharing

General

Target

615d8f481c6e1f11ce8ffb24900738c38b8df265489040ea88bfe8b52fd62369
Size

296KB
Sample

240410-njsd4sha8w
MD5

a2e70ef708c06fdc57b0079dda4f89fe
SHA1

6c04d389d8c0341d8e9a62089febf2e445df1ffd
SHA256

615d8f481c6e1f11ce8ffb24900738c38b8df265489040ea88bfe8b52fd62369
SHA512

86a4a570a7758561bdec46a7ec583023f7ecf8451d892624fd051bc57c98aa8cd79903b60ac075651c11f4ed50adb356e05032e29abbbaf865e8b68f95b4a8bd
SSDEEP

6144:MqqDLuxz9dnBqi2viVlDaaf6QRf+dTucBsHYnG3PxFsQvM:JqnuxRAErSQ0dTuEnKPTM

Score

10^/10

latentbot netwire botnet rat stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

615d8f481c6e1f11ce8ffb24900738c38b8df265489040ea88bfe8b52fd62369.exe

Resource

win7-20231129-en

latentbot netwire botnet rat stealer trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

615d8f481c6e1f11ce8ffb24900738c38b8df265489040ea88bfe8b52fd62369.exe

Resource

win10v2004-20240319-en

latentbot netwire botnet rat stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

netwire

C2

knudandersen.zapto.org:21000

Attributes

activex_autorun
false
copy_executable
false
delete_original
false
host_id
07.03.17
keylogger_dir
C:\NVIDIA\profile\
lock_executable
false
offline_keylogger
true
password
1@wi%252ReNd5y0576Z*
registry_autorun
false
use_mutex
false

Extracted

Family

latentbot

C2

knudandersen.zapto.org

Targets

- Target
  
  615d8f481c6e1f11ce8ffb24900738c38b8df265489040ea88bfe8b52fd62369
- Size
  
  296KB
- MD5
  
  a2e70ef708c06fdc57b0079dda4f89fe
- SHA1
  
  6c04d389d8c0341d8e9a62089febf2e445df1ffd
- SHA256
  
  615d8f481c6e1f11ce8ffb24900738c38b8df265489040ea88bfe8b52fd62369
- SHA512
  
  86a4a570a7758561bdec46a7ec583023f7ecf8451d892624fd051bc57c98aa8cd79903b60ac075651c11f4ed50adb356e05032e29abbbaf865e8b68f95b4a8bd
- SSDEEP
  
  6144:MqqDLuxz9dnBqi2viVlDaaf6QRf+dTucBsHYnG3PxFsQvM:JqnuxRAErSQ0dTuEnKPTM
Score

10^/10

latentbot netwire botnet rat stealer trojan
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

latentbotnetwirebotnetratstealertrojan

behavioral2

latentbotnetwirebotnetratstealertrojan

© 2018-2025

Terms | Privacy