emotet | a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f | Triage

Submit
Reports

Overview

overview

task1

Sharing

General

Target

a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f.doc
Size

265KB
Sample

200207-jqt8gllgtn
MD5

d47a3565950f8b29b7bc35ce606e3c63
SHA1

3f2c908a7c6847b9d781beae1128ada5ca3410da
SHA256

a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f
SHA512

1386b01e42a4a829e14b9dcf58ff5662bc93c0b7a05f447c2719bb52bb9b045b8e22ed2784aa4b568fe77b848644e1d7612dd75555d234eef7abdb47d6c5a7c1

Score

10^/10

emotet banker trojan

Task

task1

Sample

a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f.doc

Resource

win7v191014

trojan banker emotet

0 signatures

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://haoyindz.com/wp-content/hiKW/

exe.dropper

http://tay.batt2u.com/cgi-bin/sKobi4/

exe.dropper

http://powerlinkaudio.com/wp-admin/fq5g/

exe.dropper

http://perfectfoodcenters.com/wp-includes/ssLLy/

exe.dropper

http://tatse.de/users/eo/

Targets

- Target
  
  a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f.doc
- Size
  
  265KB
- MD5
  
  d47a3565950f8b29b7bc35ce606e3c63
- SHA1
  
  3f2c908a7c6847b9d781beae1128ada5ca3410da
- SHA256
  
  a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f
- SHA512
  
  1386b01e42a4a829e14b9dcf58ff5662bc93c0b7a05f447c2719bb52bb9b045b8e22ed2784aa4b568fe77b848644e1d7612dd75555d234eef7abdb47d6c5a7c1
Score

10^/10

trojan banker emotet
- Emotet
  Emotet is a trojan that is primarily spread through spam emails
  trojan banker emotet
- Process spawned unexpected child process
- Blacklisted process makes network request
- Executes dropped EXE
- Drops file in System32 directory
task1

MITRE ATT&CK Matrix

Tasks

task1

trojanbankeremotet

© 2018-2024

Terms | Privacy