latentbot

General

Target

https://bazaar.abuse.ch/download/573b6b682ba79aa17aea93a00e8c9f4b3b8d90f177f219682e879bf15c32c55d
Sample

250416-sh5ehawqx4

Score

10^/10

Malware Config

Extracted

Family

xworm

Attributes

install_file
MasonUSB.exe

Extracted

Family

latentbot

C2

cryptoghost.zapto.org

Targets

- Target
  
  https://bazaar.abuse.ch/download/573b6b682ba79aa17aea93a00e8c9f4b3b8d90f177f219682e879bf15c32c55d
Score

10^/10

latentbot xworm discovery rat trojan
- Detect Xworm Payload
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Latentbot family
  latentbot
- Xworm
  Xworm is a remote access trojan written in C#.
  trojan rat xworm
- Xworm family
  xworm
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Web Service

1

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Detect Xworm Payload

Latentbot family

Xworm

Xworm family

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v16

Tasks

static1

urlscan1

behavioral1