General
-
Target
JaffaCakes118_065003718f1ff08beee6ba0cfe6c96ac
-
Size
12KB
-
Sample
250121-v37rgavlcy
-
MD5
065003718f1ff08beee6ba0cfe6c96ac
-
SHA1
c02c6010a7e9313b7ce669337aff5f19e7ae7c61
-
SHA256
0ce53bcd577f297bd1b7e4993c7cc5e798aefb437b3dc1e064b8f89e084323bb
-
SHA512
fcbace421e13ab563b7bd43c061551b63d35f82957ba38e70ddbe7804014df98177fac4acfb1f592e241a048dad098eca632aac8352f2cdf675622abf8460785
-
SSDEEP
192:F59h1vUlOS+1StGRA1ovwhbHic0StfGG:FHh1vUlyc0CfG
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_065003718f1ff08beee6ba0cfe6c96ac.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
JaffaCakes118_065003718f1ff08beee6ba0cfe6c96ac.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
latentbot
blazenbastard.zapto.org
Targets
-
-
Target
JaffaCakes118_065003718f1ff08beee6ba0cfe6c96ac
Score
10/10
-
Latentbot family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-