latentbot | da2ca3aef2fbc302ff61e6cac1a015d20f24d4277bf5e8a91542e13709466ff2 | Triage

Sharing

General

Target

10a9bc20969e787b091edfa8d5ca370b_JaffaCakes118
Size

56KB
Sample

241003-1wn9fasdkg
MD5

10a9bc20969e787b091edfa8d5ca370b
SHA1

5af080bb18cea53f61a57dd8cdf1039a126a879a
SHA256

da2ca3aef2fbc302ff61e6cac1a015d20f24d4277bf5e8a91542e13709466ff2
SHA512

46146e1a29c1b9bdd373fee8cfb0fb51d7251a65191fb109018a44b02fe81d48564dec378b6576b07b05cea61f837c90548cbcc59ef51d1458914b2cc5bc9619
SSDEEP

1536:arY2icG+m5kG08XCKkziH8lnz3c0uuG3o:ar0cGpyz8ozmi40fGY

Score

10^/10

latentbot discovery persistence trojan

Malware Config

Extracted

Family

latentbot

C2

dasubertang2.zapto.org

Targets

- Target
  
  10a9bc20969e787b091edfa8d5ca370b_JaffaCakes118
- Size
  
  56KB
- MD5
  
  10a9bc20969e787b091edfa8d5ca370b
- SHA1
  
  5af080bb18cea53f61a57dd8cdf1039a126a879a
- SHA256
  
  da2ca3aef2fbc302ff61e6cac1a015d20f24d4277bf5e8a91542e13709466ff2
- SHA512
  
  46146e1a29c1b9bdd373fee8cfb0fb51d7251a65191fb109018a44b02fe81d48564dec378b6576b07b05cea61f837c90548cbcc59ef51d1458914b2cc5bc9619
- SSDEEP
  
  1536:arY2icG+m5kG08XCKkziH8lnz3c0uuG3o:ar0cGpyz8ozmi40fGY
Score

10^/10

latentbot discovery persistence trojan
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latentbotdiscoverypersistencetrojan

behavioral2

latentbotdiscoverypersistencetrojan