General
Target: f0c44a8fca902ac825b5b5bce1cb0ff3_JaffaCakes118
Size: 195KB
Sample: 241214-z8by7swpcl
MD5: f0c44a8fca902ac825b5b5bce1cb0ff3
SHA1: 92647d01cb4f8edc16dedffe25947d5161bc4877
SHA256: 653285cb289c7837cd3e8ae15959640b29d4df5f0feb0058a4631385e3246ad6
SHA512: 716557a571fcde2f9ddb7829d1a35abff934f40a33e2a0ce2902f1716b5bbbdc25fdf610952010a6b8c01462a909687075b595067e86a7aa57793327b1babeee
SSDEEP: 6144:0BrJA3vpRNAFQiMc+xCvR/1zxgQ0Sio4fe:0BVALNAFQiMcB8X1W
Static task: static1
Behavioral task: behavioral1
Sample: gladiator.exe
Resource: win7-20240903-en
Malware Config
Extracted
latentbot
dreamsserver.zapto.org
Targets
Target: gladiator.exe
Size: 247KB
MD5: a3d1897a5a519267b7f123eef9de0947
SHA1: 797c9c1c18465749f1436119edbd5997efe5e301
SHA256: 7953e42f63dc02aa5e9af2565ad8b42db651c10e9b565c000f1f6df5ce18bc3d
SHA512: b890128b11a3ba459af3b3eaa6dee57d590b8ce4cdf188383d04b3c25d097f7e43d248d38f9b9e1a7d7bc181741e9da2ca64a90ea47283a47fac11ad10d183c9
SSDEEP: 6144:Bz+92mhAMJ/cPl3i8/5ctbOkN4s2Ks1JShvZsB6GgZpQo5HP8sb:BK2mhAMJ/cPlJWtqkv2kBZvGmpZvtb
-
Latentbot family
-
Ramnit family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-