General

  • Target

    main_x86.elf

  • Size

    87KB

  • Sample

    250523-s9l28sfj91

  • MD5

    55dc819fe59c982abcf616b780ccbd9e

  • SHA1

    7198e5e20d9ba02090ebac568ed3e99bfdf48b45

  • SHA256

    d9179753246194e046760bfaaa05df6d0bd1a9eea618e25b1a09a7d4a645d7cd

  • SHA512

    dfff866cd1de5a092281d627f3f4a1a2bb179d4818ba200617bced9f48f85237d1412ab52d02173168f6b8f27dd735036cd16f4fcb66f740fd2e4dc51541a24b

  • SSDEEP

    1536:W/QCZaxGdvts3i5JPhoyUxPu++ov5EUIKqI4FrS4LSS:WYCZa8dvm3oJPhHUxP595GKfUmDS

Malware Config

Extracted

Family

latentbot

C2

iwishiamhappy.zapto.org

Targets

    • LatentBot

      Modular trojan written in Delphi that has been in the wild since 2013.

    • Latentbot family

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence
