Extracted

• • Target

    bd7d710c5e3bcef37896ef22a6ff38128064a2ad870799da3c88466fc71b9d70N

  • Size

    1024KB

  • MD5

    5218d29024fe782f2b3a89c8f2126280

  • SHA1

    00c48ebcf9eebce4e6553685b51e81bf5ae157e1

  • SHA256

    bd7d710c5e3bcef37896ef22a6ff38128064a2ad870799da3c88466fc71b9d70

  • SHA512

    6a14eba5410dbb9a2104652a66136003e5c83e4639180588b507a5a18c047ac77fe8c59d48808ad4e51b1482c0ebe47bf18a29699dbc92585af0b8001f10caf8

  • SSDEEP

    12288:a6eVQkTrvj4d+dONGRpz5ljXeLY8Kk5tqGN0GvTBb/A4h75L:anQkTf4d+INGxetl0GrBb/A675

  Score

  10^/10

  latentbotdiscoveryevasiontrojan

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Modifies firewall policy service

    evasion

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2