LATENTBOT: Trace Me If You Can
Summary
FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless.
Through our Dynamic Threat Intelligence (DTI), we have observed multiple campaigns targeting multiple industries in the United States, United Kingdom, South Korea, Brazil, United Arab Emirates, Singapore, Canada, Peru and Poland – primarily in the financial services and insurance sectors. Although the infection strategy is not new, the final payload dropped – which we named LATENTBOT – caught our attention since it implements several layers of obfuscation, a unique exfiltration mechanism, and has been very successful at infecting multiple organizations.
Source: https://www.fireeye.com/blog/threat-research/2015/12/latentbot_trace_me.html
Created: 2026-02-23
Indicators
No indicators were found.
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 21.48
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
- T1561.001 - Disk Content Wipe
Score: 3.84
Matched TTPs:
- T1027.009 - Embedded Payloads
Score: 13.72
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1591 - Gather Victim Org Information
- T1566.003 - Spearphishing via Service
Score: 21.05
Matched TTPs:
- T1597.002 - Purchase Technical Data
- T1591.002 - Business Relationships
- T1588.001 - Malware
- T1199 - Trusted Relationship
- T1591.004 - Identify Roles
- T1213.005 - Messaging Applications
Score: 28.79
Matched TTPs:
- T1588.007 - Artificial Intelligence
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1681 - Search Threat Vendor Data
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1593.001 - Social Media
- T1027.010 - Command Obfuscation
- T1566.003 - Spearphishing via Service
Score: 11.93
Matched TTPs:
- T1491.002 - External Defacement
- T1195 - Supply Chain Compromise
- T1588.001 - Malware
- T1203 - Exploitation for Client Execution
Score: 36.03
Matched TTPs:
- T1491.002 - External Defacement
- T1594 - Search Victim-Owned Websites
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1591.002 - Business Relationships
- T1584.005 - Botnet
- T1199 - Trusted Relationship
- T1593 - Search Open Websites/Domains
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
Score: 11.05
Matched TTPs:
- T1583.008 - Malvertising
- T1608.001 - Upload Malware
- T1608.006 - SEO Poisoning
Score: 3.29
Matched TTPs:
- T1594 - Search Victim-Owned Websites
Score: 34.09
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1593.002 - Search Engines
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1593 - Search Open Websites/Domains
- T1593.001 - Social Media
- T1027.010 - Command Obfuscation
- T1102.001 - Dead Drop Resolver
Score: 25.77
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1590.006 - Network Security Appliances
- T1584.005 - Botnet
- T1591 - Gather Victim Org Information
- T1593 - Search Open Websites/Domains
- T1591.004 - Identify Roles
- T1596.005 - Scan Databases
Score: 17.66
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1608.001 - Upload Malware
- T1597 - Search Closed Sources
- T1593.001 - Social Media
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 5.30
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1583.006 - Web Services
Score: 6.71
Matched TTPs:
- T1587.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
Score: 11.93
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 12.28
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Score: 6.53
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1588.001 - Malware
Score: 19.95
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
- T1090.004 - Domain Fronting
- T1027.006 - HTML Smuggling
- T1566.003 - Spearphishing via Service
Score: 6.48
Matched TTPs:
- T1587.001 - Malware
- T1657 - Financial Theft
- T1027.010 - Command Obfuscation
Score: 3.59
Matched TTPs:
- T1587.001 - Malware
- T1203 - Exploitation for Client Execution
Score: 4.84
Matched TTPs:
- T1587.001 - Malware
- T1199 - Trusted Relationship
Score: 12.05
Matched TTPs:
- T1587.001 - Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1584.006 - Web Services
- T1027.010 - Command Obfuscation
Score: 10.86
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1203 - Exploitation for Client Execution
Score: 4.07
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
Score: 21.49
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1674 - Input Injection
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1591.004 - Identify Roles
- T1027.010 - Command Obfuscation
Score: 6.44
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
Score: 10.07
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1584.006 - Web Services
Score: 8.31
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1027.010 - Command Obfuscation
Score: 9.98
Matched TTPs:
- T1608.001 - Upload Malware
- T1583.006 - Web Services
- T1027.010 - Command Obfuscation
- T1561.001 - Disk Content Wipe
Score: 5.26
Matched TTPs:
- T1608.001 - Upload Malware
- T1593 - Search Open Websites/Domains
Score: 10.35
Matched TTPs:
- T1608.001 - Upload Malware
- T1608.002 - Upload Tool
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
Score: 6.30
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1027.010 - Command Obfuscation
Score: 5.56
Matched TTPs:
- T1608.001 - Upload Malware
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Score: 9.44
Matched TTPs:
- T1608.001 - Upload Malware
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
Score: 7.46
Matched TTPs:
- T1608.001 - Upload Malware
- T1591.004 - Identify Roles
- T1027.010 - Command Obfuscation
Score: 5.48
Matched TTPs:
- T1608.001 - Upload Malware
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
Score: 4.54
Matched TTPs:
- T1659 - Content Injection
Score: 10.53
Matched TTPs:
- T1608.002 - Upload Tool
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1027.010 - Command Obfuscation
Score: 5.34
Matched TTPs:
- T1591.002 - Business Relationships
- T1203 - Exploitation for Client Execution
Score: 6.42
Matched TTPs:
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1027.010 - Command Obfuscation
Score: 7.80
Matched TTPs:
- T1588.001 - Malware
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
Score: 4.55
Matched TTPs:
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
Score: 8.83
Matched TTPs:
- T1588.001 - Malware
- T1657 - Financial Theft
- T1213.005 - Messaging Applications
Score: 5.72
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1584.006 - Web Services
Score: 3.96
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1027.010 - Command Obfuscation
Score: 6.48
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1027.010 - Command Obfuscation
- T1566.003 - Spearphishing via Service
Score: 7.80
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1027.010 - Command Obfuscation
- T1213.005 - Messaging Applications
Score: 4.11
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
Score: 16.88
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1592.002 - Software
- T1027.010 - Command Obfuscation
- T1591.001 - Determine Physical Locations
- T1566.003 - Spearphishing via Service
Score: 3.59
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Score: 4.62
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
Score: 11.01
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
- T1596.005 - Scan Databases
- T1102.001 - Dead Drop Resolver
Score: 8.38
Matched TTPs:
- T1584.005 - Botnet
- T1583.006 - Web Services
- T1199 - Trusted Relationship
Score: 5.12
Matched TTPs:
- T1584.005 - Botnet
- T1203 - Exploitation for Client Execution
Score: 5.37
Matched TTPs:
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
Score: 9.54
Matched TTPs:
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
Score: 3.51
Matched TTPs:
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
Score: 4.76
Matched TTPs:
- T1583.006 - Web Services
- T1199 - Trusted Relationship
Score: 4.61
Matched TTPs:
- T1199 - Trusted Relationship
- T1027.010 - Command Obfuscation
Score: 4.24
Matched TTPs:
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
Score: 6.14
Matched TTPs:
- T1584.006 - Web Services
- T1566.003 - Spearphishing via Service
Score: 3.36
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
Score: 6.64
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
- T1102.001 - Dead Drop Resolver
Score: 3.36
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
Score: 4.78
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Threat actors related to this Pulse (inference-based)
Score: 0.86
Matched TTPs:
- T1195 - Supply Chain Compromise
- T1491.002 - External Defacement
- T1608.001 - Upload Malware
- T1203 - Exploitation for Client Execution
- T1592.002 - Software
- T1593 - Search Open Websites/Domains
- T1584.005 - Botnet
- T1027.010 - Command Obfuscation
- T1591.002 - Business Relationships
- T1587.001 - Malware
- T1199 - Trusted Relationship
- T1594 - Search Victim-Owned Websites
Score: 0.78
Matched TTPs:
- T1593.002 - Search Engines
- T1593.001 - Social Media
- T1608.001 - Upload Malware
- T1593 - Search Open Websites/Domains
- T1657 - Financial Theft
- T1036.004 - Masquerade Task or Service
- T1591 - Gather Victim Org Information
- T1027.010 - Command Obfuscation
- T1587.001 - Malware
- T1583.006 - Web Services
- T1594 - Search Victim-Owned Websites
- T1102.001 - Dead Drop Resolver
Score: 0.68
Matched TTPs:
- T1593.001 - Social Media
- T1608.001 - Upload Malware
- T1588.007 - Artificial Intelligence
- T1566.003 - Spearphishing via Service
- T1593 - Search Open Websites/Domains
- T1681 - Search Threat Vendor Data
- T1657 - Financial Theft
- T1027.010 - Command Obfuscation
- T1587.001 - Malware
- T1583.006 - Web Services
Score: 0.63
Matched TTPs:
- T1590.006 - Network Security Appliances
- T1591.004 - Identify Roles
- T1594 - Search Victim-Owned Websites
- T1593 - Search Open Websites/Domains
- T1591 - Gather Victim Org Information
- T1596.005 - Scan Databases
- T1584.005 - Botnet
Score: 0.58
Matched TTPs:
- T1591.004 - Identify Roles
- T1608.001 - Upload Malware
- T1674 - Input Injection
- T1036.004 - Masquerade Task or Service
- T1591 - Gather Victim Org Information
- T1027.010 - Command Obfuscation
- T1587.001 - Malware
- T1583.006 - Web Services
Score: 0.56
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
- T1561.001 - Disk Content Wipe
- T1036.004 - Masquerade Task or Service
- T1591 - Gather Victim Org Information
- T1587.001 - Malware
- T1583.006 - Web Services
Related CVEs
No CVEs were found for this Pulse.