latentbot | 2bb71ca4a70842ccc89cede0a53d1be30f9d0cc35d828e2d15c816a36eb2ff47 | Triage

Resubmissions

06-05-2024 10:43

240506-mr9space53 6

04-05-2024 18:27

240504-w32qwsee9y 10

Sharing

General

Target

13f1c4803636ad776485cb41c2c853ac_JaffaCakes118
Size

733KB
Sample

240504-w32qwsee9y
MD5

13f1c4803636ad776485cb41c2c853ac
SHA1

dbba5a20a3eb52693feaf11e5d06874265270b44
SHA256

2bb71ca4a70842ccc89cede0a53d1be30f9d0cc35d828e2d15c816a36eb2ff47
SHA512

bd64af0e67f189d154cc0e03c21fd3de9d51362e5ac299606cb4808c776fad1aa681236058d2ede82a4c2a628d939ae7980c9620fa349102a4e4acdb1473a7fe
SSDEEP

12288:QL+fPzclouOT55WMfxtZCy/j7dkYr/bPmU0Ne3P3fHrubAGaeFkUNPt7n36:QdlHA5M6x7Cyf+I5GAvDubH9Nt7K

Score

10^/10

latentbot linux trojan

Malware Config

Extracted

Family

latentbot

C2

spontela211.zapto.org

spontela213.zapto.org

spontela219.zapto.org

spontela215.zapto.org

spontela217.zapto.org

Targets

- Target
  
  cpuhunter-master/WindowsFiles/is-dd.vbs/1kb.exe
- Size
  
  68KB
- MD5
  
  c712f7d5e28f63944da9c172ae5a1c01
- SHA1
  
  20f6b08fc5275b810c8c7858e2d2ddff0899cbd5
- SHA256
  
  343af74503346bb2c048807a261b774abcb8854c36dcb661edcf26b0a6d2113d
- SHA512
  
  f93be79fd844ae038aab73043e4d1932370b380566ebf0260f4b7f135627c4950a23ad4fc0626ca6ad6343224c328a364249ac5e91e5071009829c9e0bebe4a5
- SSDEEP
  
  1536:v833jyLRqb8fkf+0kR9Y3EZAdJyQd3WCJUJ:033jSRqB3u9Y3EyJyQdmCw
Score

10^/10

latentbot trojan
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
behavioral1 behavioral2
- Target
  
  cpuhunter-master/WindowsFiles/to_common_startup.vbs
- Size
  
  125B
- MD5
  
  914fe15992bed48b9959d2899925a07f
- SHA1
  
  817df147f94e491cca8c20ffece62691c5693ecd
- SHA256
  
  9ec3746060bf53ac1f79fe58c674a7c1ed949683d67f251b1ec2b5506b4d334e
- SHA512
  
  322debf9a248a2e67cd1d1b908463351773eeb1d0cc44753cc7ba232c4e831574ba7d871d0d9407391cc8e5a9f6c80380b3f8cd94c820a9513e6bba32ac4a402
Score

3^/10
behavioral3 behavioral4
- Target
  
  cpuhunter-master/exeinstaller.py
- Size
  
  800B
- MD5
  
  62a1ecf7a9ec15224263bf3688673c7d
- SHA1
  
  bfe91c7f15e5b9024077c23e35c2dda389f4ade7
- SHA256
  
  e9038675222050896e7a267fb5846abfb7d51208a337f34a8a77a1c657147039
- SHA512
  
  610565cf81faedd18acb8fd8280df4830c35b3cbfaf0e625e106d39a90bb1a57f39e9a5362de12d1635b3d2eb5e6932a4b26fb8bb216f8c962c4667326a50d6a
Score

1^/10
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  cpuhunter-master/extra/auto_reboot_kapat.py
- Size
  
  789B
- MD5
  
  fc0fbb799fcc16e911868d3eb4cff3ae
- SHA1
  
  5eea1fd8c7f3d767ae9abea917b0345936ee0de4
- SHA256
  
  a85561fcad99fee0070b1f1b50f4d8e1c3cb2908b5128682c79f75db78d93a5f
- SHA512
  
  0824ac047746aa5d5ced89878807332d7d4389adad3325b456d104eb4e0858ab7fe4acf623948d114178e44cdb3292796c1dda71251be30a3784737d240ae5e4
Score

1^/10
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  cpuhunter-master/extra/panelleri_gizle_goster.py
- Size
  
  782B
- MD5
  
  c783fc6e6f61444a39c5116a707062c3
- SHA1
  
  6e064381075252fa445b23f9757d130f6f93f0f6
- SHA256
  
  7eeb167c99afbf1a48bd3cdf920e0a3111f2c103fed61d35005e21af280418ef
- SHA512
  
  3a4ec5a1305f96b3e776d3ef9587ca46616c127693140c8ae79fc82c481c6829bf70ec075ca6d2569419f8c29c82fd368d64d038d63c3dfe4b2bc265d239b1f4
Score

3^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  cpuhunter-master/extra/run_on_startup.py
- Size
  
  229B
- MD5
  
  3bce16033fe86003a06ee3abd4d87f88
- SHA1
  
  e9083cffc13e90903acb5fa087630358e518e020
- SHA256
  
  e0f19be80c7227d6b95d5b74273b3d55efbf2bdd33c3caf0a2050c3d7b8ab5a9
- SHA512
  
  819d37db3ef7ed9eb0187c953ab3e14e2b95ff8b26b6d46e2c1e74998039e68946a42e7b44dccf06ca43795b0128ea4327138dc4dc37f93d0b2841e88cd89791
Score

1^/10
behavioral17 behavioral18 behavioral19 behavioral20
- Target
  
  cpuhunter-master/so/f.so
- Size
  
  923KB
- MD5
  
  d01ec874d8645a59be125ac604025ee3
- SHA1
  
  31745fef16d0128092b9eee4efc5a95b6756ca0b
- SHA256
  
  8f478737c0e3cd06050eda0a1289d5cceed6e862363e134514d2bc44c4d5f169
- SHA512
  
  1144a4b44c43a4c3d891332d9d91765a0ff6e84d9fbfcf807c18501a614ca9ac05c6096dc86bf20cc3beff02cadda090c30807ae94079f99dcae1ee4c37d183f
- SSDEEP
  
  12288:9hO5XGhrCdpM0yWZWmoJneg69Jfz6nyse+rgwr1pFw5Uqo6HS:02IpM00otTC3eAJxqo
Score

1^/10
behavioral21
- Target
  
  cpuhunter-master/so/k.so
- Size
  
  1008KB
- MD5
  
  681e3b0728adb124c16b7df79f342b2c
- SHA1
  
  6e83a6eb0874049c2230b1548542f5d099d68800
- SHA256
  
  14df868d16a3a838e13a8b83c64ef2976e5e15024aff1f525433dcbcd5cf2b68
- SHA512
  
  4d0ad38137b0500840e2feb3eef3e2993e81977193e3aea151521694649ec5f2ae8f54872b19e521303646aefdf2b2160530b6b568c65c0282f4baeae1bb7fa6
- SSDEEP
  
  12288:Cxg4S9uVEHr9PJ/rmqumXtk7fBN7R5a4K6HIvu0gNlcHtGv:og/9pZPJ/rmqumXtk73LIWt
Score

1^/10
behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

latentbottrojan

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22