General

  • Target

    811e6ee6bb9220a45c9e2706dc15bc82_JaffaCakes118

  • Size

    58KB

  • Sample

    240801-te5rjasfnh

  • MD5

    811e6ee6bb9220a45c9e2706dc15bc82

  • SHA1

    8c01ac137d94adea4574e9949770b114973c97c2

  • SHA256

    18a954ac0a1239ab483e975f35098039440fa4a364569144b8c40e333af8f72e

  • SHA512

    4e9edcd15ecbf323c2e12b30c0001c8f86c8ce5822c81878ef465648d2b5799d2679fbf220cee869b90b25df8a19799244638f0b9c685a82e281ec5f5927bf3a

  • SSDEEP

    1536:Hu4O3qaDdgdM+2ewKXd4wW55dJlmx+3aql4dmcJ5kYu:O4O31DdqRwmqdZqmK5u

Malware Config

Extracted

  • Family

    latentbot

  • C2

    jetmaplestory.zapto.org

Targets

    • Target

      811e6ee6bb9220a45c9e2706dc15bc82_JaffaCakes118

    • LatentBot

      Modular trojan written in Delphi which has been in-the-wild since 2013.

    • Server Software Component: Terminal Services DLL

    • Deletes itself

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15