Trusted Design

LatentBot Piece by Piece | Malwarebytes Labs

Overview

LatentBot is a multi-modular Trojan written in Delphi and known to have been around since 2013. Recently, we captured and dissected a sample distributed by RIG Exploit Kit. The main executable is a persistent botnet agent which downloads additional modules and reports about the performed activities to its Command and Control server. Depending on the modules that have been installed, LatentBot has various capabilities, including:
  • Act as a keylogger and form grabber
  • Steal cookies
  • Run a Socks Proxy from the victim system
  • Give remote access to the attacker (VNC / Remote Desktop)

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Contagious Interview

Score: 16.99
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1543.001 - Launch Agent
  • T1587 - Develop Capabilities

Kimsuky

Score: 18.90
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1027.002 - Software Packing
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol
  • T1587 - Develop Capabilities
  • T1588.005 - Exploits

FIN13

Score: 3.74
Matched TTPs:
  • T1587.001 - Malware
  • T1021.001 - Remote Desktop Protocol

Moonstone Sleet

Score: 13.60
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1217 - Browser Information Discovery
  • T1587 - Develop Capabilities
  • T1569.002 - Service Execution

Indrik Spider

Score: 3.74
Matched TTPs:
  • T1587.001 - Malware
  • T1021.001 - Remote Desktop Protocol

Lazarus Group

Score: 15.92
Matched TTPs:
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1021.001 - Remote Desktop Protocol
  • T1055.001 - Dynamic-link Library Injection
  • T1529 - System Shutdown/Reboot

OilRig

Score: 13.11
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol

UNC3886

Score: 10.18
Matched TTPs:
  • T1587.001 - Malware
  • T1588.001 - Malware
  • T1205.001 - Port Knocking
  • T1203 - Exploitation for Client Execution

LuminousMoth

Score: 6.53
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1588.001 - Malware

Sandworm Team

Score: 9.18
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution

APT29

Score: 10.18
Matched TTPs:
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1562.008 - Disable or Modify Cloud Logs
  • T1027.002 - Software Packing

Aoqin Dragon

Score: 5.64
Matched TTPs:
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

RedCurl

Score: 4.84
Matched TTPs:
  • T1587.001 - Malware
  • T1573.002 - Asymmetric Cryptography

Turla

Score: 7.48
Matched TTPs:
  • T1587.001 - Malware
  • T1588.001 - Malware
  • T1055.001 - Dynamic-link Library Injection

Ke3chang

Score: 4.49
Matched TTPs:
  • T1587.001 - Malware
  • T1569.002 - Service Execution

Mustang Panda

Score: 12.85
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates
  • T1027.007 - Dynamic API Resolution

TeamTNT

Score: 6.12
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1027.002 - Software Packing

FIN7

Score: 16.78
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1674 - Input Injection
  • T1497.002 - User Activity Based Checks
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

APT39

Score: 14.48
Matched TTPs:
  • T1059.010 - AutoHotKey & AutoIT
  • T1056 - Input Capture
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

TA2541

Score: 9.23
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1573.002 - Asymmetric Cryptography
  • T1027.002 - Software Packing

Earth Lusca

Score: 4.43
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware

LazyScripter

Score: 4.43
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware

Threat Group-3390

Score: 12.80
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1608.002 - Upload Tool
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1588.003 - Code Signing Certificates

TA505

Score: 9.41
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1027.002 - Software Packing
  • T1055.001 - Dynamic-link Library Injection

BlackByte

Score: 6.02
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

BITTER

Score: 3.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution

APT32

Score: 5.86
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1569.002 - Service Execution

HEXANE

Score: 3.62
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1021.001 - Remote Desktop Protocol

Saint Bear

Score: 5.52
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

EXOTIC LILY

Score: 3.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution

APT42

Score: 8.56
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1056 - Input Capture
  • T1573.002 - Asymmetric Cryptography

Medusa Group

Score: 16.60
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1573.002 - Asymmetric Cryptography
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution
  • T1529 - System Shutdown/Reboot

Fox Kitten

Score: 4.93
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1021.001 - Remote Desktop Protocol

Volt Typhoon

Score: 10.61
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1584.005 - Botnet
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

APT38

Score: 11.36
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1027.002 - Software Packing
  • T1569.002 - Service Execution
  • T1529 - System Shutdown/Reboot

Scattered Spider

Score: 11.52
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1588.001 - Malware
  • T1556.009 - Conditional Access Policies
  • T1021.001 - Remote Desktop Protocol

Chimera

Score: 7.33
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Ember Bear

Score: 8.08
Matched TTPs:
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1588.005 - Exploits

APT1

Score: 4.11
Matched TTPs:
  • T1588.001 - Malware
  • T1021.001 - Remote Desktop Protocol

Aquatic Panda

Score: 4.11
Matched TTPs:
  • T1588.001 - Malware
  • T1021.001 - Remote Desktop Protocol

Andariel

Score: 3.95
Matched TTPs:
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution

BackdoorDiplomacy

Score: 5.39
Matched TTPs:
  • T1588.001 - Malware
  • T1055.001 - Dynamic-link Library Injection

HAFNIUM

Score: 3.62
Matched TTPs:
  • T1584.005 - Botnet

Axiom

Score: 11.30
Matched TTPs:
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution
  • T1021.001 - Remote Desktop Protocol
  • T1001.002 - Steganography

PROMETHIUM

Score: 4.13
Matched TTPs:
  • T1205.001 - Port Knocking

Darkhotel

Score: 5.63
Matched TTPs:
  • T1497.002 - User Activity Based Checks
  • T1203 - Exploitation for Client Execution

Storm-1811

Score: 3.84
Matched TTPs:
  • T1056 - Input Capture

APT28

Score: 6.03
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1669 - Wi-Fi Networks

Dragonfly

Score: 3.14
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1021.001 - Remote Desktop Protocol

The White Company

Score: 3.55
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

BlackTech

Score: 4.65
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates

Patchwork

Score: 5.19
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

Cobalt Group

Score: 5.89
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1021.001 - Remote Desktop Protocol

Leviathan

Score: 6.07
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1021.001 - Remote Desktop Protocol
  • T1055.001 - Dynamic-link Library Injection

APT37

Score: 5.12
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1529 - System Shutdown/Reboot

APT3

Score: 5.19
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol

Tropic Trooper

Score: 7.17
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1055.001 - Dynamic-link Library Injection

APT41

Score: 7.59
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Elderwood

Score: 3.55
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1027.002 - Software Packing

Velvet Ant

Score: 5.14
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1569.002 - Service Execution

FIN6

Score: 6.79
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

FIN8

Score: 7.55
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol

Storm-0501

Score: 6.19
Matched TTPs:
  • T1556.009 - Conditional Access Policies
  • T1027.002 - Software Packing

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Wizard Spider

Score: 10.13
Matched TTPs:
  • T1588.003 - Code Signing Certificates
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution
  • T1055.001 - Dynamic-link Library Injection

INC Ransom

Score: 4.05
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Silence

Score: 4.05
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Blue Mockingbird

Score: 4.05
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1569.002 - Service Execution

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.79
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1587 - Develop Capabilities
  • T1587.001 - Malware
  • T1588.003 - Code Signing Certificates
  • T1608.001 - Upload Malware
  • T1588.005 - Exploits
  • T1027.002 - Software Packing

FIN7

Score: 0.74
Matched TTPs:
  • T1497.002 - User Activity Based Checks
  • T1021.001 - Remote Desktop Protocol
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1674 - Input Injection
  • T1569.002 - Service Execution

Medusa Group

Score: 0.72
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1529 - System Shutdown/Reboot
  • T1573.002 - Asymmetric Cryptography
  • T1027.002 - Software Packing
  • T1608.002 - Upload Tool
  • T1569.002 - Service Execution

Contagious Interview

Score: 0.71
Matched TTPs:
  • T1587 - Develop Capabilities
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1543.001 - Launch Agent

Lazarus Group

Score: 0.67
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1529 - System Shutdown/Reboot
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1027.007 - Dynamic API Resolution
  • T1055.001 - Dynamic-link Library Injection

APT39

Score: 0.62
Matched TTPs:
  • T1021.001 - Remote Desktop Protocol
  • T1059.010 - AutoHotKey & AutoIT
  • T1027.002 - Software Packing
  • T1056 - Input Capture
  • T1569.002 - Service Execution

Moonstone Sleet

Score: 0.61
Matched TTPs:
  • T1587 - Develop Capabilities
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1217 - Browser Information Discovery
  • T1569.002 - Service Execution

Threat Group-3390

Score: 0.58
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates
  • T1608.001 - Upload Malware
  • T1027.002 - Software Packing
  • T1608.002 - Upload Tool

Mustang Panda

Score: 0.56
Matched TTPs:
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates
  • T1608.001 - Upload Malware
  • T1027.007 - Dynamic API Resolution

Related CVEs

No CVEs were found for this Pulse.
