Extracted

• • Target

    3b370b953ef2d9b779386784e1b15382_JaffaCakes118

  • Size

    140KB

  • MD5

    3b370b953ef2d9b779386784e1b15382

  • SHA1

    99ef5b16e3cc557184dd8a5bec13ab81e27f75ee

  • SHA256

    aa6a2cc7a6f3f29982f84c5974215cfc3cfc5543747075c72f7da6b6e95ac305

  • SHA512

    d2b31f12a6933535a62db49769b3f9946f7ce42189afd61e4de992d0b38187fac54f9eb41831d0ecd2675b36e8de0a16a3dfbfab70fac7a16eea952f62d7f157

  • SSDEEP

    3072:t2wtiuMIbfeYRauL2NOy2Vzhv2Q43aNZ+dQJ98xgtojsdTcItLb:btiDmauLy6h1Ys9/oK3

  Score

  10^/10

  latentbotevasionpersistencetrojan

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Modifies WinLogon for persistence

    persistence

  • Adds Run key to start application

    persistence

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2