General

  • Target

    d92e729f9618ff603a986616ab151c0b_JaffaCakes118

  • Size

    227KB

  • Sample

    240910-256qhszclj

  • MD5

    d92e729f9618ff603a986616ab151c0b

  • SHA1

    e09ca552012fde04ec37a652eaea71bb538524d9

  • SHA256

    8e90fd01db0783e7d12f388553dd34214628914afdd7e985d23bff465fe7e606

  • SHA512

    9101e4a5ecb1c1c9cb4ae78ae2c0ffbd10c45b0020f14c91d6b9746e9c3e355f959c3f2522f16146b80eab1f69e97eff17f085502dc9e1df3fc5f4ef65e56e41

  • SSDEEP

    6144:BreHMA9n+aC1meyUGimMlmg0qRgDnhxhDbsWe:5eHMSW1meyUGp0m3qRMnhTQZ

Malware Config

Extracted

Family

latentbot

C2

atualizador.zapto.org

Targets

    • Target

      d92e729f9618ff603a986616ab151c0b_JaffaCakes118

    • LatentBot

      Modular trojan written in Delphi which has been in the wild since 2013.

    • Drops startup file

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks