emotet | 78eaedc09b085633833bb1695878c4fa0b9f207addafb55aa0b506fcb9fe3830 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78eaedc09b085633833bb1695878c4fa0b9f207addafb55aa0b506fcb9fe3830
Size

629KB
Sample

221102-r8bdnscbgn
MD5

01ff1acaf7217c8872fcf22c25c5a2e1
SHA1

255ad2001c88553323390dd96d2f538628b7b3e3
SHA256

78eaedc09b085633833bb1695878c4fa0b9f207addafb55aa0b506fcb9fe3830
SHA512

7c0ca63b57042a9bd5c636b04a504920b62bc9f2b48b6c67505405111cbc6b1df70ec6c7480b12e12b2b64efb2e2c672d4fa1f755c08dc69048db3035661d217
SSDEEP

12288:6tGis7p49VmD3OjG7QbBtLJ5WhNye5JHKVu6cig1Doa:6tGis1T3OjueLOhd5NKAD3

Score

10^/10

emotet banker persistence trojan

Malware Config

Targets

- Target
  
  78eaedc09b085633833bb1695878c4fa0b9f207addafb55aa0b506fcb9fe3830
- Size
  
  629KB
- MD5
  
  01ff1acaf7217c8872fcf22c25c5a2e1
- SHA1
  
  255ad2001c88553323390dd96d2f538628b7b3e3
- SHA256
  
  78eaedc09b085633833bb1695878c4fa0b9f207addafb55aa0b506fcb9fe3830
- SHA512
  
  7c0ca63b57042a9bd5c636b04a504920b62bc9f2b48b6c67505405111cbc6b1df70ec6c7480b12e12b2b64efb2e2c672d4fa1f755c08dc69048db3035661d217
- SSDEEP
  
  12288:6tGis7p49VmD3OjG7QbBtLJ5WhNye5JHKVu6cig1Doa:6tGis1T3OjueLOhd5NKAD3
Score

10^/10

emotet banker persistence trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetbankerpersistencetrojan