Overview

overview

10

Static

static

3

648fdc19f6...18.exe

windows7-x64

10

648fdc19f6...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    648fdc19f6c9edca30a8f9a756234699_JaffaCakes118

  • Size

    136KB

  • Sample

    240521-ym7y3sgg5v

  • MD5

    648fdc19f6c9edca30a8f9a756234699

  • SHA1

    321f822bb486dccfad216ff2b2a40e4112637a4f

  • SHA256

    52d4dafbcfae960f9c56c22dd3013b33747410cc14d384ae26caaae26f7e74c5

  • SHA512

    ae2a2a284424412d9d85d55beddc3d90bf8b193f625accf779e04360f73857d96dcd39d228d9e6a3004da1c52bc0afe3b291976244364f612819132230186c32

  • SSDEEP

    3072:Fkh20/12+YvN69kc10oF+RDINn6j9DyIK3cIRV0x2IY:Fkh20/12+Y8Kc13kDYn6jdyIK3PV0J

Score
10/10
emotetbankertrojan

Malware Config

Targets

    • Target

      648fdc19f6c9edca30a8f9a756234699_JaffaCakes118

    • Size

      136KB

    • MD5

      648fdc19f6c9edca30a8f9a756234699

    • SHA1

      321f822bb486dccfad216ff2b2a40e4112637a4f

    • SHA256

      52d4dafbcfae960f9c56c22dd3013b33747410cc14d384ae26caaae26f7e74c5

    • SHA512

      ae2a2a284424412d9d85d55beddc3d90bf8b193f625accf779e04360f73857d96dcd39d228d9e6a3004da1c52bc0afe3b291976244364f612819132230186c32

    • SSDEEP

      3072:Fkh20/12+YvN69kc10oF+RDINn6j9DyIK3cIRV0x2IY:Fkh20/12+Y8Kc13kDYn6jdyIK3PV0J

    Score
    10/10
    emotetbankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks