LatentBot piece by piece | Malwarebytes Labs
Common Information
Type Value
UUID 4d3baf28-e4d1-4733-b9d4-ab5468faa60f
Fingerprint ba267450ecb4a0b1
Analysis status DONE
Considered CTI value 2
Text language
Published June 8, 2017, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline LatentBot piece by piece
Title LatentBot piece by piece | Malwarebytes Labs
Detected Hints/Tags/Attributes 56/2/30
Attributes
Details Type #Events CTI Value
Details Domain 28
www.cert.pl
Details Domain 184
www.fireeye.com
Details Domain 5
cys-centrum.com
Details Domain 31
hshrzd.wordpress.com
Details File 263
iexplore.exe
Details File 1
c:\users\tester\appdata\local\microsoft\windows\shfdnoh.exe
Details File 1122
svchost.exe
Details File 1
latent_dec.py
Details File 57
installer.exe
Details File 141
www.cer
Details File 38
t.pl
Details File 1
latentbot_trace_me.html
Details IPv4 1
104.232.32.101
Details Url 1
http://104.232.32.101
Details Url 2
https://www.cert.pl/news/single/latentbot-modularny-i-silnie-zaciemniony-bot
Details Url 1
https://www.fireeye.com/blog/threat-research/2015/12/latentbot_trace_me.html
Details Url 1
https://cys-centrum.com/ru/news/module_trojan_for_unauthorized_access
Details Url 28
https://hshrzd.wordpress.com