Extracted

• • Target

    839f5ff107b46c8b78d477f1439cdf39_JaffaCakes118

  • Size

    3.0MB

  • MD5

    839f5ff107b46c8b78d477f1439cdf39

  • SHA1

    ec84bc483e5ec9c443c787c3e49215a47e6eca68

  • SHA256

    81043d92ed7cbbb062c61a78e1ccd3d9a038f9d26a4527ae575832f2f9b56a09

  • SHA512

    7675487d812498ab416fbb40028b5a37faf5631d1737eaa3f91274d4536a91471ef1e19857473c00a0c4c0c094745b86f9a2cb13a4490356f944403c4262bb3d

  • SSDEEP

    49152:OfHQZsWSMjaQv77HteKpSqeIHY7soObOGvvm1Tx9uiGhUlSAZ2CNgMtN:Ok3aQv7hp67s5OUvmn9udB1/MtN

  Score

  10^/10

  latentbotdiscoverypersistencetrojan

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Latentbot family

    latentbot

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2