emotet | 85cb3872d90522df55d59d1e78ec2cab48db2156a3ad3ca1bd8895f046c2d445 | Triage

Sharing

General

Target

f9b1320c88130f4d96de949bf528d041_JaffaCakes118
Size

136KB
Sample

240419-g5lecsbh2s
MD5

f9b1320c88130f4d96de949bf528d041
SHA1

5a736078a7f3b3675f8e86be51daf2385859fd29
SHA256

85cb3872d90522df55d59d1e78ec2cab48db2156a3ad3ca1bd8895f046c2d445
SHA512

1ec44210473dfad096a8d7cdf825b35c8c8cc9f2ad1b4a4fc7abbc6ce5471e4385cb0bad78ad0f69929ce302661bea01addcb9abcaf35b1c30596e3a982d255b
SSDEEP

3072:dbs6Raii991vRon8OmfvEywBJXYMzB0ZhuW+/L2Vu:S6vu91vRohywBGuvqVu

Score

10^/10

emotet banker trojan

Malware Config

Targets

- Target
  
  f9b1320c88130f4d96de949bf528d041_JaffaCakes118
- Size
  
  136KB
- MD5
  
  f9b1320c88130f4d96de949bf528d041
- SHA1
  
  5a736078a7f3b3675f8e86be51daf2385859fd29
- SHA256
  
  85cb3872d90522df55d59d1e78ec2cab48db2156a3ad3ca1bd8895f046c2d445
- SHA512
  
  1ec44210473dfad096a8d7cdf825b35c8c8cc9f2ad1b4a4fc7abbc6ce5471e4385cb0bad78ad0f69929ce302661bea01addcb9abcaf35b1c30596e3a982d255b
- SSDEEP
  
  3072:dbs6Raii991vRon8OmfvEywBJXYMzB0ZhuW+/L2Vu:S6vu91vRohywBGuvqVu
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

emotetbankertrojan

behavioral2

emotetbankertrojan