General

  • Target

    7339bf06b3a3bd307ce94839b615fbff_JaffaCakes118

  • Size

    252KB

  • Sample

    240726-jzdhnszarf

  • MD5

    7339bf06b3a3bd307ce94839b615fbff

  • SHA1

    f3a37d9d0d3f4f18451fee1853efba5556e7cfb1

  • SHA256

    23fa1f6dda64256009b6afa5cf63588e63f308fbf17aa323f27f8998388f5139

  • SHA512

    b11108bab4f8245f3a78f65734c6fd9879119f3b1b98625e7427519213f924150e8098362e06092114343473623f3ed7adfbaca65531e24e3fadc07a0158a7ca

  • SSDEEP

    3072:uqBUriSnqUCSIdix50MsY0+8yQrX1x8+haE0WUjIf163us3Ks+6Agt0cvH4YQ93v:uqBUHqUCwZ1QbhiVjL3Kdviidf

Malware Config

Extracted

Family

latentbot

C2

provocatur2.zapto.org

Targets

    • Target

      7339bf06b3a3bd307ce94839b615fbff_JaffaCakes118

    • LatentBot

      Modular trojan written in Delphi that has been in the wild since 2013.

    • Adds Run key to start application
