Overview

overview

10

Static

static

3a594ce394...79.exe

windows7-x64

10

3a594ce394...79.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3a594ce3945cb76f5893f28a3cf638dd0e6b94f27dbf7ecf0fb4c8fe98463a79

  • Size

    116KB

  • Sample

    221130-xepxvsef42

  • MD5

    70401388d0e6b6fcebe0b68135114c5e

  • SHA1

    08e571792858e812a336321d892d9170687782c6

  • SHA256

    3a594ce3945cb76f5893f28a3cf638dd0e6b94f27dbf7ecf0fb4c8fe98463a79

  • SHA512

    1a1d87dc3e8c032cbc2036bdb4f1d323bf9cbff42b568498942b2096ddcb366d5ad15a387f3e824fcc0719e528b6133fa475c908ca7e0360272149a7f06ec0ee

  • SSDEEP

    3072:0RYBR2SZlX/1SvgDJ6gwBq1Dn1xho+IBU82g:0RYBdZo6JvwA1DnDhoLU/

Score
10/10
emotetbankertrojan

Malware Config

Targets

    • Target

      3a594ce3945cb76f5893f28a3cf638dd0e6b94f27dbf7ecf0fb4c8fe98463a79

    • Size

      116KB

    • MD5

      70401388d0e6b6fcebe0b68135114c5e

    • SHA1

      08e571792858e812a336321d892d9170687782c6

    • SHA256

      3a594ce3945cb76f5893f28a3cf638dd0e6b94f27dbf7ecf0fb4c8fe98463a79

    • SHA512

      1a1d87dc3e8c032cbc2036bdb4f1d323bf9cbff42b568498942b2096ddcb366d5ad15a387f3e824fcc0719e528b6133fa475c908ca7e0360272149a7f06ec0ee

    • SSDEEP

      3072:0RYBR2SZlX/1SvgDJ6gwBq1Dn1xho+IBU82g:0RYBdZo6JvwA1DnDhoLU/

    Score
    10/10
    emotetbankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks