Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

d3c7ddef9c...1f.elf

debian-9-mips

10

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240418-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    03/01/2025, 04:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3c7ddef9cacafd02109d8a840fc2c54fbc04cbfb32253f6f08182ef6d06221f.elf

  • Size

    169KB

  • MD5

    cac7a8f8c4b3cd1f2c1bd1f187c617eb

  • SHA1

    3bbe81657aed5d688bda2b3456faab369abf1732

  • SHA256

    d3c7ddef9cacafd02109d8a840fc2c54fbc04cbfb32253f6f08182ef6d06221f

  • SHA512

    2df8eeab046c7d33adecc5a2edadc923985b577cd05dc8775623ebeff0621f8cc44ee7b1bef6ec32bde337f1d4355e1f4b335c35d30633b5d53b17a503dfd3ce

  • SSDEEP

    1536:Cl2JvnXPvLrQuchMJdDNsCK9H1R8cA2iQembSM+xV7TfF+hPyO0Hb/zMt/Y:Cgv/fcwZsCK9VRhAX+bShFSP0HbbMlY

Score
10/10
latentbotdiscoverytrojan

Malware Config

Extracted

Family

latentbot

C2

botnetdolly.zapto.org

Signatures

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot
  • Latentbot family
    latentbot
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Changes its process name 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/d3c7ddef9cacafd02109d8a840fc2c54fbc04cbfb32253f6f08182ef6d06221f.elf
    /tmp/d3c7ddef9cacafd02109d8a840fc2c54fbc04cbfb32253f6f08182ef6d06221f.elf
    1⤵
    • Changes its process name
    • Reads runtime system information
    PID:729

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads