Overview

overview

10

Static

static

10

a1b3c334db...f8.msi

windows7-x64

10

a1b3c334db...f8.msi

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1b3c334db545aaf83e573c915d23e4eefae734970ad6895a67a7b97279c24f8

  • Size

    22.9MB

  • Sample

    240518-zbkvvaef69

  • MD5

    1a526ef8e0d93204cf570fe413be69cf

  • SHA1

    4eac6841481e6b35f48c38bb8cf64ebb3878fc04

  • SHA256

    a1b3c334db545aaf83e573c915d23e4eefae734970ad6895a67a7b97279c24f8

  • SHA512

    5ebf90213460c9b92401da2d7765af19305e977d8ea6a10e3c7b435a73a010f2e0fa418a932ab7f5dc0aaa025123a1bfc5a8105edb42b5ec424690585026c85e

  • SSDEEP

    393216:xopaHTAZuGS1jOXNl/BXbcl0Xrz8o04Z:7LmBV04Z

Score
10/10
latentbotbankerpersistencetrojan

Malware Config

Targets

    • Target

      a1b3c334db545aaf83e573c915d23e4eefae734970ad6895a67a7b97279c24f8

    • Size

      22.9MB

    • MD5

      1a526ef8e0d93204cf570fe413be69cf

    • SHA1

      4eac6841481e6b35f48c38bb8cf64ebb3878fc04

    • SHA256

      a1b3c334db545aaf83e573c915d23e4eefae734970ad6895a67a7b97279c24f8

    • SHA512

      5ebf90213460c9b92401da2d7765af19305e977d8ea6a10e3c7b435a73a010f2e0fa418a932ab7f5dc0aaa025123a1bfc5a8105edb42b5ec424690585026c85e

    • SSDEEP

      393216:xopaHTAZuGS1jOXNl/BXbcl0Xrz8o04Z:7LmBV04Z

    Score
    10/10
    latentbotpersistencetrojan

    • LatentBot

      Modular trojan written in Delphi which has been in-the-wild since 2013.

      trojanlatentbot

    • Adds Run key to start application

      persistence

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks