emotet | 942391caa9770d07252587df86743a4d22220d064ea1d1d8088ed1181d46ab96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tMxEUZVo6E5GaOTBWrpCvNmQ6Sij9.dll.exe
Size

814KB
Sample

221103-m99weabghj
MD5

c6e4fca17bfa2f21767900d86267b50b
SHA1

21f3bebf18cccea598f1f61f9a4de819bc047bcb
SHA256

942391caa9770d07252587df86743a4d22220d064ea1d1d8088ed1181d46ab96
SHA512

3ff111f205cd38148eb6be14d4264d376b91e01fdac80eb315b2e127510329465ef10917997b258a0d47fe23e50422a22dc3b986e25e75c5a54b2dd7127feea6
SSDEEP

12288:5sIyzbpudwh9PQx873eHeLs15pZ6yRQaf04Tn/WMideaik:5JyzbwdG4eLsjpZfRQ8/q8fk

Score

10^/10

emotet banker persistence trojan

Malware Config

Targets

- Target
  
  tMxEUZVo6E5GaOTBWrpCvNmQ6Sij9.dll.exe
- Size
  
  814KB
- MD5
  
  c6e4fca17bfa2f21767900d86267b50b
- SHA1
  
  21f3bebf18cccea598f1f61f9a4de819bc047bcb
- SHA256
  
  942391caa9770d07252587df86743a4d22220d064ea1d1d8088ed1181d46ab96
- SHA512
  
  3ff111f205cd38148eb6be14d4264d376b91e01fdac80eb315b2e127510329465ef10917997b258a0d47fe23e50422a22dc3b986e25e75c5a54b2dd7127feea6
- SSDEEP
  
  12288:5sIyzbpudwh9PQx873eHeLs15pZ6yRQaf04Tn/WMideaik:5JyzbwdG4eLsjpZfRQ8/q8fk
Score

10^/10

emotet banker trojan persistence
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetbankertrojan

behavioral2

emotetbankerpersistencetrojan