latentbot | 792ec616288fccf1d74095e7dc5a0b5f8fed0d518aa907f3d0c155748bf8dbe4 | Triage

Sharing

General

Target

a27bad6ae197b4dc62dc1d8e3b650f03_JaffaCakes118
Size

36KB
Sample

240817-pdx8vavcqc
MD5

a27bad6ae197b4dc62dc1d8e3b650f03
SHA1

e9f406a734799d78c45cae50514025a7155777ec
SHA256

792ec616288fccf1d74095e7dc5a0b5f8fed0d518aa907f3d0c155748bf8dbe4
SHA512

45f6f2ab24047daa39f3e5a8ea8addc2244aacc2fa8936301fdbff6d5dc9dd1551db303f115665f4e723e9b03f2e44a847e698f83bd592f03dd85d6c31785dce
SSDEEP

384:JdlsV3xKXCmksnXenNEhJfFQoEQd0fQQYQ94PMvlc8D6sJpr:6V3+1ksOnNEHfkfp4kvlX7P

Score

10^/10

latentbot discovery trojan

Malware Config

Extracted

Family

latentbot

C2

atualizador.zapto.org

Targets

- Target
  
  a27bad6ae197b4dc62dc1d8e3b650f03_JaffaCakes118
- Size
  
  36KB
- MD5
  
  a27bad6ae197b4dc62dc1d8e3b650f03
- SHA1
  
  e9f406a734799d78c45cae50514025a7155777ec
- SHA256
  
  792ec616288fccf1d74095e7dc5a0b5f8fed0d518aa907f3d0c155748bf8dbe4
- SHA512
  
  45f6f2ab24047daa39f3e5a8ea8addc2244aacc2fa8936301fdbff6d5dc9dd1551db303f115665f4e723e9b03f2e44a847e698f83bd592f03dd85d6c31785dce
- SSDEEP
  
  384:JdlsV3xKXCmksnXenNEhJfFQoEQd0fQQYQ94PMvlc8D6sJpr:6V3+1ksOnNEHfkfp4kvlX7P
Score

10^/10

latentbot discovery trojan
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latentbotdiscoverytrojan

behavioral2

latentbotdiscoverytrojan