8f1c5f756658a90d9007b111594547d054cfdb487aefa255156d07fddd7ee016 | Triage

Submit
Reports

Overview

overview

Static

static

8

emotet_v6

windows10_x64

emotet_doc

windows10_x64

Sharing

General

Target

8f1c5f756658a90d9007b111594547d054cfdb487aefa255156d07fddd7ee016
Size

115KB
Sample

220120-fmf69afhf2
MD5

d0dfa995eb72c89052f341457554b904
SHA1

02bb89c9e8c012c33ff10213e785dfc74bd048f2
SHA256

8f1c5f756658a90d9007b111594547d054cfdb487aefa255156d07fddd7ee016
SHA512

0c78486c70d5ec5e8808d89f9d48a55f0938e4424a18857cb76532e54821757f458ccb670543f986d97a880a87309da190b24eadc2ef890fc7c2de12244b1a9f

Score

10^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

8f1c5f756658a90d9007b111594547d054cfdb487aefa255156d07fddd7ee016.xlsm

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8f1c5f756658a90d9007b111594547d054cfdb487aefa255156d07fddd7ee016.xlsm

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

http://0x5cff39c3/sec/se1.html

Targets

- Target
  
  8f1c5f756658a90d9007b111594547d054cfdb487aefa255156d07fddd7ee016
- Size
  
  115KB
- MD5
  
  d0dfa995eb72c89052f341457554b904
- SHA1
  
  02bb89c9e8c012c33ff10213e785dfc74bd048f2
- SHA256
  
  8f1c5f756658a90d9007b111594547d054cfdb487aefa255156d07fddd7ee016
- SHA512
  
  0c78486c70d5ec5e8808d89f9d48a55f0938e4424a18857cb76532e54821757f458ccb670543f986d97a880a87309da190b24eadc2ef890fc7c2de12244b1a9f
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy