latentbot | de0096c5adc377d6d1a144ec1b9b72bc54d37efa1a6afdf40d40001d30cf0460 | Triage

Sharing

General

Target

43c997457a0e3ffe3e210adaf387bb68_JaffaCakes118
Size

48KB
Sample

241014-x1ptzs1hqc
MD5

43c997457a0e3ffe3e210adaf387bb68
SHA1

1855916dcdb5deeb49609cfed062e9707932f37e
SHA256

de0096c5adc377d6d1a144ec1b9b72bc54d37efa1a6afdf40d40001d30cf0460
SHA512

96d9fc1731e78faa3aa9a275d309fc5c41e4ad170dca958aa0d8f15a7a8066538293b84c82b2cf94c6516a4f9272c6df7df7b41d69b3a4f56e27e8c3f663fac1
SSDEEP

768:1VdmvmGO0DkFIuNlFzFpB1EATfWmvmGOY:UvmGO0DkDrbZTfjvmGO

Score

10^/10

latentbot discovery trojan

Malware Config

Extracted

Family

latentbot

C2

atualizador.zapto.org

Targets

- Target
  
  43c997457a0e3ffe3e210adaf387bb68_JaffaCakes118
- Size
  
  48KB
- MD5
  
  43c997457a0e3ffe3e210adaf387bb68
- SHA1
  
  1855916dcdb5deeb49609cfed062e9707932f37e
- SHA256
  
  de0096c5adc377d6d1a144ec1b9b72bc54d37efa1a6afdf40d40001d30cf0460
- SHA512
  
  96d9fc1731e78faa3aa9a275d309fc5c41e4ad170dca958aa0d8f15a7a8066538293b84c82b2cf94c6516a4f9272c6df7df7b41d69b3a4f56e27e8c3f663fac1
- SSDEEP
  
  768:1VdmvmGO0DkFIuNlFzFpB1EATfWmvmGOY:UvmGO0DkDrbZTfjvmGO
Score

10^/10

latentbot discovery trojan
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

latentbotdiscoverytrojan

behavioral2

latentbotdiscoverytrojan