General

  • Target

    sample.zip

  • Size

    4.7MB

  • Sample

    250424-hmcj6s11gz

  • MD5

    226ad1531b8023a2782e1720b6be7761

  • SHA1

    c319171f04c4668f5b951a2043e5fc7d32afee18

  • SHA256

    07876ea5309a0d5eb25a6ee80084416637d562703aee2b1246c8eff99651944d

  • SHA512

    60b37d61f3ba9edc186b299e687d2a7f82a3e5f42f406acba3c08cd4449ea4b254dce898bc10276f45e304c06eb12cc54f26324257c09aa9a75dbb0e6514e842

  • SSDEEP

    98304:OcEZ5k5zzUprK4jaSriMGCADdwCjbPr8ngEAI6EvFJxzrAFIm+Dwu:Oc2uFy2+nVADdwmPr8gaNJxJmu

Malware Config

Extracted

  • Family

    latentbot

  • C2

    luizonsistemas.zapto.org

Targets

    • Target

      6e83c937369cf4330ece1a80a6f69e4e9a78242c27adb3b0a1afd84163341af7

    • Size

      12.9MB

    • MD5

      f6c1b6bbfb98d4ab459c6cd02e8c10c3

    • SHA1

      187e10f96508f039b7dbf04101850c5a554ebb5c

    • SHA256

      6e83c937369cf4330ece1a80a6f69e4e9a78242c27adb3b0a1afd84163341af7

    • SHA512

      15eac5efb7a24e2a7a7494db137744c31b5e87f65d55df6a088c79d8873577ecc20c920e0162fcbac6f4f5320991506ce590d9a5f5a071740fbf4c854e0cb505

    • SSDEEP

      98304:qGRGMse8OuplODdG2LaLzeZyFiYbaZrnMFqJZh3/SYYNsKCVz2MqJI+VT7dAroYW:qfMs3OuKpGKyFiOqV3/h2O2MGX9

    • LatentBot

      Modular trojan written in Delphi that has been in the wild since 2013.

    • Latentbot family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
