Analysis

  • max time kernel
    133s
  • max time network
    149s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20250307-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2204-amd64-20250307-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
  • submitted
    18/05/2025, 19:59

General

  • Target

    main_x86_64

  • Size

    136KB

  • MD5

    5e63d73b1e27c330ad767b28da293639

  • SHA1

    80489b3c5bd9a586117558545b02c041643f40f8

  • SHA256

    9d6f3091c278d456955465a66c474c1f64f1e480791c5ffc3154cec983979102

  • SHA512

    a58ab52e0a4d8761fcd2b3cf7095286e6ab48b01f78b3c303d8cc10b27fa92a888553265a99c12dde8aa60a4729555441921c26024e8c952cceaf5953965051f

  • SSDEEP

    3072:79eSuygEPjt6qkWqydymDnYMb0YBd/gQyVGsdqml6saj:79eSuygEPjt6qkWqZmH2lasa

Score
10/10

Malware Config

Extracted

Family

latentbot

C2

bothehedoxiahihi.zapto.org

Signatures

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

  • Latentbot family
  • Deletes itself (1 IoC)
  • Traces itself (2 IoCs)

    Traces itself to prevent debugging attempts

  • Changes its process name (1 IoC)
  • Writes file to tmp directory (1 IoC)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/main_x86_64
    PID: 1565
    • Deletes itself
    • Traces itself
    • Changes its process name
    • Writes file to tmp directory
