latentbot | 131e01c9caf77d3c1513d23c2900ca567c03ceaca8f8e6d5db1ae6d7546442ee | Triage

Sharing

General

Target

97ea0f0874451c8ec33356e7ef6926d4_JaffaCakes118
Size

48KB
Sample

240814-2b258stdpk
MD5

97ea0f0874451c8ec33356e7ef6926d4
SHA1

2f276ba6e642bc9976b9b3f1d629f8a82b21ecb5
SHA256

131e01c9caf77d3c1513d23c2900ca567c03ceaca8f8e6d5db1ae6d7546442ee
SHA512

cfaf608f248f732586b4f1bd543bc3480daa1cfc3c986c2f64e2f7b4bca874307d548193a4703908c6dfc2d49d00f917a69395f3c80d3d460221aa9334ad1439
SSDEEP

768:9VdmvmGO0DkFIuNlFzFpB1EATfWmvmGOY:svmGO0DkDrbZTfjvmGO

Score

10^/10

latentbot discovery trojan

Malware Config

Extracted

Family

latentbot

C2

atualizador.zapto.org

Targets

- Target
  
  97ea0f0874451c8ec33356e7ef6926d4_JaffaCakes118
- Size
  
  48KB
- MD5
  
  97ea0f0874451c8ec33356e7ef6926d4
- SHA1
  
  2f276ba6e642bc9976b9b3f1d629f8a82b21ecb5
- SHA256
  
  131e01c9caf77d3c1513d23c2900ca567c03ceaca8f8e6d5db1ae6d7546442ee
- SHA512
  
  cfaf608f248f732586b4f1bd543bc3480daa1cfc3c986c2f64e2f7b4bca874307d548193a4703908c6dfc2d49d00f917a69395f3c80d3d460221aa9334ad1439
- SSDEEP
  
  768:9VdmvmGO0DkFIuNlFzFpB1EATfWmvmGOY:svmGO0DkDrbZTfjvmGO
Score

10^/10

latentbot discovery trojan
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latentbotdiscoverytrojan

behavioral2

latentbotdiscoverytrojan