Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240704-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09-07-2024 10:55

General

  • Target

    3017647fe452f618c06c623871a9e185_JaffaCakes118.exe

  • Size

    48KB

  • MD5

    3017647fe452f618c06c623871a9e185

  • SHA1

    5c5cc8ed8edd4af9bf1f3cd212ee2378759c80fe

  • SHA256

    c1278ba37a220ee65c94e541066ad2665cd24fb8b391f2c74ab59819a5ad7a19

  • SHA512

    4e3d46c92a59ee2a3a30d09bcae5d9875858d1bfa978bccef141edf8b54cb08c52bc74a638d91f67ac0df174d907c8f55b5bdaa1dd4016afc3e5a368ed7c5744

  • SSDEEP

    384:FU7F3TmDDmGO0QIUH6ir1ga71hwjCHtkDAN2fATmDDmGOjFe:FUdmvmGO05UHpxN1hwj4+AYfWmvmGOY

Score
10/10

Malware Config

Extracted

Family

latentbot

C2

atualizador.zapto.org

Signatures

  • LatentBot

    Modular trojan written in Delphi that has been in the wild since 2013.

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx (3 IoCs)

    Installs a Windows message hook via SetWindowsHookEx; commonly used by keyloggers and to load a DLL into other processes.

Processes

  • C:\Users\Admin\AppData\Local\Temp\3017647fe452f618c06c623871a9e185_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3017647fe452f618c06c623871a9e185_JaffaCakes118.exe"
    • Suspicious use of SetWindowsHookEx
    PID: 244
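The hashes under General and the extracted C2 under Malware Config are the actionable IoCs on this page. The following is an added example, not part of the sandbox report, that turns them into two triage checks: confirming that a file on disk is the same sample the report describes (all four hashes must agree), and scanning DNS query records for the C2 host. The log lines are constructed for the example in a Sysmon Event ID 22 style; the field name `QueryName` and the layout are assumptions. Match on the full hostname rather than the parent zone: zapto.org is a shared dynamic-DNS parent, so matching it alone would flag unrelated hosts.

```python
import hashlib
import re

# IoCs copied from the report above (General and Malware Config sections).
REPORT_HASHES = {
    "md5": "3017647fe452f618c06c623871a9e185",
    "sha1": "5c5cc8ed8edd4af9bf1f3cd212ee2378759c80fe",
    "sha256": "c1278ba37a220ee65c94e541066ad2665cd24fb8b391f2c74ab59819a5ad7a19",
    "sha512": "4e3d46c92a59ee2a3a30d09bcae5d9875858d1bfa978bccef141edf8b54cb08c"
              "52bc74a638d91f67ac0df174d907c8f55b5bdaa1dd4016afc3e5a368ed7c5744",
}
C2_DOMAIN = "atualizador.zapto.org"


def hash_bytes(data: bytes) -> dict:
    """Compute every digest the report lists, keyed by algorithm name."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> dict:
    """Per-algorithm comparison against the report. Treat the file as the
    same sample only if every entry is True; a single mismatch means a
    different build, a truncated download, or a transcription error."""
    computed = hash_bytes(data)
    return {name: computed[name] == expected for name, expected in REPORT_HASHES.items()}


def is_c2_domain(name: str) -> bool:
    """True for the C2 host itself or any label beneath it, case-insensitive,
    tolerating a trailing dot. Siblings under zapto.org do not match."""
    name = name.rstrip(".").lower()
    return name == C2_DOMAIN or name.endswith("." + C2_DOMAIN)


# Assumed Sysmon-style layout: the queried name follows "QueryName:".
QUERY_NAME_RE = re.compile(r"QueryName:\s*(?P<q>[^\s,]+)")


def scan_dns_log(lines) -> list:
    """Return the log lines whose queried name is the report's C2 host."""
    hits = []
    for line in lines:
        m = QUERY_NAME_RE.search(line)
        if m and is_c2_domain(m.group("q")):
            hits.append(line)
    return hits


# Constructed sample log lines for the example (not captured from the sandbox).
SAMPLE_DNS_LOG = [
    "EventID: 22 Image: C:\\Users\\Admin\\AppData\\Local\\Temp\\3017647fe452f618c06c623871a9e185_JaffaCakes118.exe QueryName: atualizador.zapto.org",
    "EventID: 22 Image: C:\\Windows\\System32\\svchost.exe QueryName: www.microsoft.com",
    "EventID: 22 Image: C:\\Users\\Admin\\Desktop\\sample.exe QueryName: ATUALIZADOR.ZAPTO.ORG.",
    "EventID: 22 Image: C:\\Program Files\\app\\app.exe QueryName: other.zapto.org",
]

if __name__ == "__main__":
    for line in scan_dns_log(SAMPLE_DNS_LOG):
        print("C2 lookup:", line)
    # No sample file is embedded here; a real check reads the suspect file:
    # matches_report(open(path, "rb").read())
    print(matches_report(b"not the sample"))
```

`matches_report` is deliberately all-or-nothing: the report gives four digests, and a file that agrees on MD5 but not SHA-256 is not the same sample, whatever the reason.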

Network

MITRE ATT&CK Enterprise v15
