latentbot | bf5e89b3ccc58bbd578c53170ab7d85e3f58f6ef5da7f73b4ac4ad5b8f0e0801 | Triage

Submit
Reports

Overview

overview

Static

static

7

5cdf622be0...18.exe

windows7-x64

5cdf622be0...18.exe

windows10-2004-x64

Sharing

General

Target

5cdf622be08646049f98e894d841c535_JaffaCakes118
Size

110KB
Sample

240719-vpe5as1ejp
MD5

5cdf622be08646049f98e894d841c535
SHA1

b64c842d5304de859caa75fe8e65a0bff8083ecd
SHA256

bf5e89b3ccc58bbd578c53170ab7d85e3f58f6ef5da7f73b4ac4ad5b8f0e0801
SHA512

1a6f0cf37f49c33b01a77e4aa1976e639370e182f148c047fb01dd1dad5333c77dd43e734c861eefeab98046a80c7c109d65c7979341af21020e6ec68767a31f
SSDEEP

3072:t1+MJKrUnFYY5z1i0Nmbi5fJBNRFBa3OAiout:7IrPj0NmWtNRF43OAioS

Score

10^/10

latentbot modiloader evasion trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5cdf622be08646049f98e894d841c535_JaffaCakes118.exe

Resource

win7-20240704-en

latentbot modiloader evasion trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

5cdf622be08646049f98e894d841c535_JaffaCakes118.exe

Resource

win10v2004-20240709-en

latentbot modiloader evasion trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

latentbot

C2

freedomsyria.zapto.org

Targets

- Target
  
  5cdf622be08646049f98e894d841c535_JaffaCakes118
- Size
  
  110KB
- MD5
  
  5cdf622be08646049f98e894d841c535
- SHA1
  
  b64c842d5304de859caa75fe8e65a0bff8083ecd
- SHA256
  
  bf5e89b3ccc58bbd578c53170ab7d85e3f58f6ef5da7f73b4ac4ad5b8f0e0801
- SHA512
  
  1a6f0cf37f49c33b01a77e4aa1976e639370e182f148c047fb01dd1dad5333c77dd43e734c861eefeab98046a80c7c109d65c7979341af21020e6ec68767a31f
- SSDEEP
  
  3072:t1+MJKrUnFYY5z1i0Nmbi5fJBNRFBa3OAiout:7IrPj0NmWtNRF43OAioS
Score

10^/10

latentbot modiloader evasion trojan upx
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latentbotmodiloaderevasiontrojanupx

behavioral2

latentbotmodiloaderevasiontrojanupx

© 2018-2025

Terms | Privacy