latentbot | 22e048bc1d7ecf6a5a89c7eb8fea701eda96b4e31b870591bb54f603d1b6a1d2 | Triage

Sharing

General

Target

b7c911c1ef452f48524c838df71814ed_JaffaCakes118
Size

28KB
Sample

240822-qj8r7syflg
MD5

b7c911c1ef452f48524c838df71814ed
SHA1

02b22ffa818af824bfccaa82fb982deac6f610c7
SHA256

22e048bc1d7ecf6a5a89c7eb8fea701eda96b4e31b870591bb54f603d1b6a1d2
SHA512

7cac79e83b6b698040c0fb0e073ee9d73ff8d5c64da9ad9ab8dc8132abc6ba9c97d773246e27b61e21e7ef8a7164fb8a0468cdaeb783e0a957229bdd23f60d87
SSDEEP

192:9Sk34bsjxkbOidz1NqJCmW6rI0jLO4q1EXKO535cbUDA+7:53d9iN1A9W6r/W4Zj53ibUDA+7

Score

10^/10

latentbot discovery trojan

Malware Config

Extracted

Family

latentbot

C2

atualizador.zapto.org

Targets

- Target
  
  b7c911c1ef452f48524c838df71814ed_JaffaCakes118
- Size
  
  28KB
- MD5
  
  b7c911c1ef452f48524c838df71814ed
- SHA1
  
  02b22ffa818af824bfccaa82fb982deac6f610c7
- SHA256
  
  22e048bc1d7ecf6a5a89c7eb8fea701eda96b4e31b870591bb54f603d1b6a1d2
- SHA512
  
  7cac79e83b6b698040c0fb0e073ee9d73ff8d5c64da9ad9ab8dc8132abc6ba9c97d773246e27b61e21e7ef8a7164fb8a0468cdaeb783e0a957229bdd23f60d87
- SSDEEP
  
  192:9Sk34bsjxkbOidz1NqJCmW6rI0jLO4q1EXKO535cbUDA+7:53d9iN1A9W6r/W4Zj53ibUDA+7
Score

10^/10

latentbot discovery trojan
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latentbotdiscoverytrojan

behavioral2

latentbotdiscoverytrojan