emotet | 790320ba61939a0147dd7a99ed78129ce89dff8795a1ad414365b4a223dd7807 | Triage

Sharing

General

Target

790320ba61939a0147dd7a99ed78129ce89dff8795a1ad414365b4a223dd7807
Size

727KB
Sample

221103-gpyprafab5
MD5

faa2fb69b1f05b7567ce1c8859c8331c
SHA1

a18b8b872be877f2207f4e513df674158cb8900f
SHA256

790320ba61939a0147dd7a99ed78129ce89dff8795a1ad414365b4a223dd7807
SHA512

9385d0bf24d35a1e2ef2448167d191dac3dafeb69e0633170ca4aa6de46ab1f6675b57854519ffa7c99f1f719592a5c431a1d57ae73f33c11df5b33685c34a6f
SSDEEP

12288:ezhsu7PWe6Fth9tmzQS+37pzGIz/mXpo1z+uSjq+DsCJqzfo:ktR6rhjmzhsT/Yg6PjtJqzf

Score

10^/10

emotet banker persistence trojan

Malware Config

Targets

- Target
  
  790320ba61939a0147dd7a99ed78129ce89dff8795a1ad414365b4a223dd7807
- Size
  
  727KB
- MD5
  
  faa2fb69b1f05b7567ce1c8859c8331c
- SHA1
  
  a18b8b872be877f2207f4e513df674158cb8900f
- SHA256
  
  790320ba61939a0147dd7a99ed78129ce89dff8795a1ad414365b4a223dd7807
- SHA512
  
  9385d0bf24d35a1e2ef2448167d191dac3dafeb69e0633170ca4aa6de46ab1f6675b57854519ffa7c99f1f719592a5c431a1d57ae73f33c11df5b33685c34a6f
- SSDEEP
  
  12288:ezhsu7PWe6Fth9tmzQS+37pzGIz/mXpo1z+uSjq+DsCJqzfo:ktR6rhjmzhsT/Yg6PjtJqzf
Score

10^/10

emotet banker persistence trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetbankerpersistencetrojan