Extracted

• • Target

    358c00f34151b4f4ce7e4a5a0cc47732_JaffaCakes118

  • Size

    564KB

  • MD5

    358c00f34151b4f4ce7e4a5a0cc47732

  • SHA1

    3478e8df90d4df7566d25f1110d24f07185c5c19

  • SHA256

    dafc5e2421be4ab323c4ec3156f11591b4cc87484f6db8ab87ec458d0c1dccc5

  • SHA512

    9645941066601b2392e9f96f3120eca653099ace85f392f183da39ded74523dcd39ee1e35546136793918fd4d168da1901a317edbadc35145fd45a4b607d32ed

  • SSDEEP

    12288:aFKQoLAmfKd48iIcymf+K+aLyToflot0t:U2rGKdEo

  Score

  10^/10

  latentbotdiscoveryevasiontrojan

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Modifies firewall policy service

    evasion

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2