Overview

overview

10

Static

static

10

bot.arm.elf

debian-9-armhf

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bot.arm.elf

  • Size

    130KB

  • Sample

    250102-c9aq7syqfw

  • MD5

    be34599671eb2e1cd8d1e34310b8c8d0

  • SHA1

    4bbef1faa2e7b59b4bc3e7982729d1df8fa17d09

  • SHA256

    8300075b9288fb25a2bc24868cdc4724220c4a5581e4f0a5e511e3b46839aa2d

  • SHA512

    5d635bb3638d253b7070d6c9a2c2044121f87e5ff5c016773ddf1cac2970db26cf591cb6c35885a9824adb0edbb3fd53abc180bebb75d87f9b021ce2b38c8dc2

  • SSDEEP

    3072:AHZ+X3Ao3xFOV48wlPhPoRDaPuUcJ6OI9Lfwibb:AHZAAwAV48MPhPOs9zwi/

Score
10/10
latentbotmiraidiscoverytrojan

Malware Config

Extracted

Family

mirai

C2

botnetdolly.zapto.org

Extracted

Family

latentbot

C2

botnetdolly.zapto.org

Targets

    • Target

      bot.arm.elf

    • Size

      130KB

    • MD5

      be34599671eb2e1cd8d1e34310b8c8d0

    • SHA1

      4bbef1faa2e7b59b4bc3e7982729d1df8fa17d09

    • SHA256

      8300075b9288fb25a2bc24868cdc4724220c4a5581e4f0a5e511e3b46839aa2d

    • SHA512

      5d635bb3638d253b7070d6c9a2c2044121f87e5ff5c016773ddf1cac2970db26cf591cb6c35885a9824adb0edbb3fd53abc180bebb75d87f9b021ce2b38c8dc2

    • SSDEEP

      3072:AHZ+X3Ao3xFOV48wlPhPoRDaPuUcJ6OI9Lfwibb:AHZAAwAV48MPhPOs9zwi/

    Score
    10/10
    latentbotdiscoverytrojan

    • LatentBot

      Modular trojan written in Delphi which has been in-the-wild since 2013.

      trojanlatentbot

    • Latentbot family

      latentbot

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1

MITRE ATT&CK Matrix

Tasks