Extracted

• • Target

    3e11d0e40891aca81299fdab4f0ef7d58fcae751a056657d78545243f6b8fd41.exe

  • Size

    604KB

  • MD5

    65317c7fbc650185c0fd0c30c888614b

  • SHA1

    7366e46afd22277e417e919de799b26d307acd55

  • SHA256

    3e11d0e40891aca81299fdab4f0ef7d58fcae751a056657d78545243f6b8fd41

  • SHA512

    4b4a235cf7f0d6ef454e5a630cf88dad92f86bc06d0ab89382e5232ba15556643121c8a4f88af8f97a8427f43f7a08b8a0280d950263f2a7f7f6d67cf42a92c7

  • SSDEEP

    12288:bXw/y8pjSviakCjnZlr1PuUaK0ohPV/gKwUnvuFTDtxWdMVV:Mqniak2nZlrYUarohPVGUnvuFTDtx2MP

  Score

  10^/10

  latentbotdiscoverypersistencetrojanupx

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Latentbot family

    latentbot

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2