emotet | 79baa7d6c2dde3484bcfb753d26277f64fc93091f56b4ead06dec18310beeb48 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79baa7d6c2dde3484bcfb753d26277f64fc93091f56b4ead06dec18310beeb48
Size

814KB
Sample

221103-t77rlaehar
MD5

74486fb692bfa817e0442688e799b823
SHA1

e76b9dd8b7aa0b3b9029f9eb929aed5e79e59721
SHA256

79baa7d6c2dde3484bcfb753d26277f64fc93091f56b4ead06dec18310beeb48
SHA512

2d988d9c4cdb9648c5c7f35a567d49d0241c655f4bc847c45bf11b5d56c79f17b1b6128c3fb62ab8cebad311b7a257076ee1c505ee434dd337ac9423e9d17bff
SSDEEP

12288:5sIyzbpudwh9PQx873eHeLs15pZ6yRQ4f04Tn/WMideaik:5JyzbwdG4eLsjpZfRQu/q8fk

Score

10^/10

emotet banker persistence trojan

Malware Config

Targets

- Target
  
  79baa7d6c2dde3484bcfb753d26277f64fc93091f56b4ead06dec18310beeb48
- Size
  
  814KB
- MD5
  
  74486fb692bfa817e0442688e799b823
- SHA1
  
  e76b9dd8b7aa0b3b9029f9eb929aed5e79e59721
- SHA256
  
  79baa7d6c2dde3484bcfb753d26277f64fc93091f56b4ead06dec18310beeb48
- SHA512
  
  2d988d9c4cdb9648c5c7f35a567d49d0241c655f4bc847c45bf11b5d56c79f17b1b6128c3fb62ab8cebad311b7a257076ee1c505ee434dd337ac9423e9d17bff
- SSDEEP
  
  12288:5sIyzbpudwh9PQx873eHeLs15pZ6yRQ4f04Tn/WMideaik:5JyzbwdG4eLsjpZfRQu/q8fk
Score

10^/10

emotet banker persistence trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetbankerpersistencetrojan