emotet | 70c5590d91f77c61f5f55e15e11f8be558a8aa30d054de9e09b6007dcc5b693f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70c5590d91f77c61f5f55e15e11f8be558a8aa30d054de9e09b6007dcc5b693f
Size

727KB
Sample

221103-ggpf4sehd5
MD5

2c5c75e8dd03998c5322e6943e7d0c93
SHA1

0d20bf04a441ed45a7c1b805b44d01091b411c73
SHA256

70c5590d91f77c61f5f55e15e11f8be558a8aa30d054de9e09b6007dcc5b693f
SHA512

1deb7273b17bd12ab31336a399b09d78923444d94cd92edf8daf1d246b6ad8bee5c5c1e513772f62d09b820465221145cd48f758f776a9bb8391e016b0fd9128
SSDEEP

12288:ezhsu7PWe6Fth9tmzQS+37pzGIz/mXpo1z+ASjq+DsCJqzfo:ktR6rhjmzhsT/Yg6FjtJqzf

Score

10^/10

emotet banker persistence trojan

Malware Config

Targets

- Target
  
  70c5590d91f77c61f5f55e15e11f8be558a8aa30d054de9e09b6007dcc5b693f
- Size
  
  727KB
- MD5
  
  2c5c75e8dd03998c5322e6943e7d0c93
- SHA1
  
  0d20bf04a441ed45a7c1b805b44d01091b411c73
- SHA256
  
  70c5590d91f77c61f5f55e15e11f8be558a8aa30d054de9e09b6007dcc5b693f
- SHA512
  
  1deb7273b17bd12ab31336a399b09d78923444d94cd92edf8daf1d246b6ad8bee5c5c1e513772f62d09b820465221145cd48f758f776a9bb8391e016b0fd9128
- SSDEEP
  
  12288:ezhsu7PWe6Fth9tmzQS+37pzGIz/mXpo1z+ASjq+DsCJqzfo:ktR6rhjmzhsT/Yg6FjtJqzf
Score

10^/10

emotet banker persistence trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetbankerpersistencetrojan