LATENTBOT: Trace Me If You Can
Summary
FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless.
Through our Dynamic Threat Intelligence (DTI), we have observed multiple campaigns targeting multiple industries in the United States, United Kingdom, South Korea, Brazil, United Arab Emirates, Singapore, Canada, Peru and Poland – primarily in the financial services and insurance sectors. Although the infection strategy is not new, the final payload dropped – which we named LATENTBOT – caught our attention since it implements several layers of obfuscation, a unique exfiltration mechanism, and has been very successful at infecting multiple organizations.
Created: 2026-02-23
Indicators
No indicators were found.
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 21.48
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
- T1561.001 - Disk Content Wipe
Score: 3.84
Matched TTPs:
- T1027.009 - Embedded Payloads
Score: 16.18
Matched TTPs:
- T1027.009 - Embedded Payloads
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1591 - Gather Victim Org Information
- T1566.003 - Spearphishing via Service
Score: 21.05
Matched TTPs:
- T1597.002 - Purchase Technical Data
- T1591.002 - Business Relationships
- T1588.001 - Malware
- T1199 - Trusted Relationship
- T1591.004 - Identify Roles
- T1213.005 - Messaging Applications
Score: 28.79
Matched TTPs:
- T1588.007 - Artificial Intelligence
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1681 - Search Threat Vendor Data
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1593.001 - Social Media
- T1027.010 - Command Obfuscation
- T1566.003 - Spearphishing via Service
Score: 11.93
Matched TTPs:
- T1491.002 - External Defacement
- T1195 - Supply Chain Compromise
- T1588.001 - Malware
- T1203 - Exploitation for Client Execution
Score: 38.49
Matched TTPs:
- T1491.002 - External Defacement
- T1594 - Search Victim-Owned Websites
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1591.002 - Business Relationships
- T1584.005 - Botnet
- T1199 - Trusted Relationship
- T1593 - Search Open Websites/Domains
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
Score: 6.51
Matched TTPs:
- T1583.008 - Malvertising
- T1608.001 - Upload Malware
Score: 5.74
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1598.003 - Spearphishing Link
Score: 38.44
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1593.002 - Search Engines
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1593 - Search Open Websites/Domains
- T1593.001 - Social Media
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1102.001 - Dead Drop Resolver
Score: 28.52
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1590.006 - Network Security Appliances
- T1584.005 - Botnet
- T1591 - Gather Victim Org Information
- T1593 - Search Open Websites/Domains
- T1591.004 - Identify Roles
- T1518 - Software Discovery
- T1596.005 - Scan Databases
Score: 17.66
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1608.001 - Upload Malware
- T1597 - Search Closed Sources
- T1593.001 - Social Media
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 5.30
Matched TTPs:
- T1594 - Search Victim-Owned Websites
- T1583.006 - Web Services
Score: 6.71
Matched TTPs:
- T1587.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
Score: 11.93
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1195 - Supply Chain Compromise
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 12.28
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Score: 6.53
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1588.001 - Malware
Score: 10.87
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
- T1566.003 - Spearphishing via Service
Score: 8.38
Matched TTPs:
- T1587.001 - Malware
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
Score: 3.59
Matched TTPs:
- T1587.001 - Malware
- T1203 - Exploitation for Client Execution
Score: 4.84
Matched TTPs:
- T1587.001 - Malware
- T1199 - Trusted Relationship
Score: 13.95
Matched TTPs:
- T1587.001 - Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1584.006 - Web Services
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
Score: 16.06
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1583.006 - Web Services
- T1593 - Search Open Websites/Domains
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 5.97
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1518.001 - Security Software Discovery
Score: 21.49
Matched TTPs:
- T1587.001 - Malware
- T1608.001 - Upload Malware
- T1674 - Input Injection
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1591.004 - Identify Roles
- T1027.010 - Command Obfuscation
Score: 10.46
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1518 - Software Discovery
Score: 11.28
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1588.001 - Malware
- T1657 - Financial Theft
- T1213.005 - Messaging Applications
Score: 6.57
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
Score: 11.90
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
- T1027.010 - Command Obfuscation
Score: 19.34
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1036.004 - Masquerade Task or Service
- T1583.006 - Web Services
- T1592.002 - Software
- T1027.010 - Command Obfuscation
- T1591.001 - Determine Physical Locations
- T1566.003 - Spearphishing via Service
Score: 12.00
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
Score: 7.72
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1608.001 - Upload Malware
- T1593 - Search Open Websites/Domains
Score: 8.60
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1584.006 - Web Services
- T1566.003 - Spearphishing via Service
Score: 7.80
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1591.002 - Business Relationships
- T1203 - Exploitation for Client Execution
Score: 11.00
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1102.001 - Dead Drop Resolver
Score: 8.34
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1518.001 - Security Software Discovery
Score: 10.07
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1584.006 - Web Services
Score: 8.31
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1583.006 - Web Services
- T1027.010 - Command Obfuscation
Score: 11.88
Matched TTPs:
- T1608.001 - Upload Malware
- T1583.006 - Web Services
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1561.001 - Disk Content Wipe
Score: 10.35
Matched TTPs:
- T1608.001 - Upload Malware
- T1608.002 - Upload Tool
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
Score: 6.62
Matched TTPs:
- T1608.001 - Upload Malware
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
Score: 6.30
Matched TTPs:
- T1608.001 - Upload Malware
- T1588.001 - Malware
- T1027.010 - Command Obfuscation
Score: 3.87
Matched TTPs:
- T1608.001 - Upload Malware
- T1518.001 - Security Software Discovery
Score: 5.56
Matched TTPs:
- T1608.001 - Upload Malware
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Score: 10.20
Matched TTPs:
- T1608.001 - Upload Malware
- T1591.004 - Identify Roles
- T1027.010 - Command Obfuscation
- T1518 - Software Discovery
Score: 5.48
Matched TTPs:
- T1608.001 - Upload Malware
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
Score: 3.87
Matched TTPs:
- T1608.001 - Upload Malware
- T1518.001 - Security Software Discovery
Score: 12.43
Matched TTPs:
- T1608.002 - Upload Tool
- T1657 - Financial Theft
- T1583.006 - Web Services
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
Score: 8.32
Matched TTPs:
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
Score: 7.80
Matched TTPs:
- T1588.001 - Malware
- T1592.002 - Software
- T1203 - Exploitation for Client Execution
Score: 4.55
Matched TTPs:
- T1588.001 - Malware
- T1036.004 - Masquerade Task or Service
Score: 5.72
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1584.006 - Web Services
Score: 5.86
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
Score: 6.48
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1027.010 - Command Obfuscation
- T1566.003 - Spearphishing via Service
Score: 3.99
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1518.001 - Security Software Discovery
Score: 7.80
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1027.010 - Command Obfuscation
- T1213.005 - Messaging Applications
Score: 3.59
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
Score: 6.52
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
Score: 11.01
Matched TTPs:
- T1036.004 - Masquerade Task or Service
- T1203 - Exploitation for Client Execution
- T1596.005 - Scan Databases
- T1102.001 - Dead Drop Resolver
Score: 8.38
Matched TTPs:
- T1584.005 - Botnet
- T1583.006 - Web Services
- T1199 - Trusted Relationship
Score: 5.12
Matched TTPs:
- T1584.005 - Botnet
- T1203 - Exploitation for Client Execution
Score: 4.42
Matched TTPs:
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
Score: 10.01
Matched TTPs:
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
- T1518 - Software Discovery
Score: 3.51
Matched TTPs:
- T1583.006 - Web Services
- T1203 - Exploitation for Client Execution
Score: 4.76
Matched TTPs:
- T1583.006 - Web Services
- T1199 - Trusted Relationship
Score: 4.61
Matched TTPs:
- T1199 - Trusted Relationship
- T1027.010 - Command Obfuscation
Score: 4.24
Matched TTPs:
- T1199 - Trusted Relationship
- T1203 - Exploitation for Client Execution
Score: 3.39
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
Score: 5.26
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
Score: 7.52
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
- T1102.001 - Dead Drop Resolver
Score: 6.14
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
Score: 4.24
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518 - Software Discovery
Score: 3.39
Matched TTPs:
- T1203 - Exploitation for Client Execution
- T1518.001 - Security Software Discovery
Score: 7.17
Matched TTPs:
- T1518.001 - Security Software Discovery
- T1518 - Software Discovery
- T1566.003 - Spearphishing via Service
Score: 3.76
Matched TTPs:
- T1518.001 - Security Software Discovery
- T1027.010 - Command Obfuscation
Score: 4.42
Matched TTPs:
- T1518.001 - Security Software Discovery
- T1566.003 - Spearphishing via Service
Score: 5.18
Matched TTPs:
- T1518.001 - Security Software Discovery
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Threat actors related to this Pulse (inference-based)
Score: 0.86
Matched TTPs:
- T1195 - Supply Chain Compromise
- T1491.002 - External Defacement
- T1592.002 - Software
- T1594 - Search Victim-Owned Websites
- T1608.001 - Upload Malware
- T1203 - Exploitation for Client Execution
- T1591.002 - Business Relationships
- T1199 - Trusted Relationship
- T1598.003 - Spearphishing Link
- T1027.010 - Command Obfuscation
- T1584.005 - Botnet
- T1587.001 - Malware
- T1593 - Search Open Websites/Domains
Score: 0.82
Matched TTPs:
- T1102.001 - Dead Drop Resolver
- T1657 - Financial Theft
- T1518.001 - Security Software Discovery
- T1591 - Gather Victim Org Information
- T1594 - Search Victim-Owned Websites
- T1608.001 - Upload Malware
- T1593.002 - Search Engines
- T1593.001 - Social Media
- T1598.003 - Spearphishing Link
- T1036.004 - Masquerade Task or Service
- T1027.010 - Command Obfuscation
- T1587.001 - Malware
- T1593 - Search Open Websites/Domains
- T1583.006 - Web Services
Score: 0.65
Matched TTPs:
- T1596.005 - Scan Databases
- T1591.004 - Identify Roles
- T1591 - Gather Victim Org Information
- T1590.006 - Network Security Appliances
- T1594 - Search Victim-Owned Websites
- T1584.005 - Botnet
- T1593 - Search Open Websites/Domains
- T1518 - Software Discovery
Score: 0.64
Matched TTPs:
- T1588.007 - Artificial Intelligence
- T1681 - Search Threat Vendor Data
- T1657 - Financial Theft
- T1608.001 - Upload Malware
- T1593.001 - Social Media
- T1027.010 - Command Obfuscation
- T1587.001 - Malware
- T1566.003 - Spearphishing via Service
- T1593 - Search Open Websites/Domains
- T1583.006 - Web Services
Score: 0.55
Matched TTPs:
- T1591.004 - Identify Roles
- T1674 - Input Injection
- T1591 - Gather Victim Org Information
- T1608.001 - Upload Malware
- T1027.010 - Command Obfuscation
- T1036.004 - Masquerade Task or Service
- T1587.001 - Malware
- T1583.006 - Web Services
Related CVEs
No CVEs were found for this Pulse.