emotet | 5c957f3c0373b20e9bc29472376bbe2383b3f66e76761a0c6e52895e3907f667 | Triage

Sharing

General

Target

d5aa54d4d8343f1cd994189707d5a734_JaffaCakes118
Size

168KB
Sample

240909-e99xeavckh
MD5

d5aa54d4d8343f1cd994189707d5a734
SHA1

88f410dee7b64d7c754374fc78417add7f13e849
SHA256

5c957f3c0373b20e9bc29472376bbe2383b3f66e76761a0c6e52895e3907f667
SHA512

81f6e84877fec2f97646b2a3277db4aaf81f2db6da1274269db9772b64fd1657188de162d7d0c17a6383f407e4096ae1dfc96660ba34a257f27e64c621e4767d
SSDEEP

3072:RWEnTaB3HQXbZXi/KhSK6yeFGm/s+vDCQDnBaaSTustFUoUWUMgkWW4:RWEn8ARiC4dR/DNDnB5STDtFUoZ

Score

10^/10

emotet banker discovery persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  d5aa54d4d8343f1cd994189707d5a734_JaffaCakes118
- Size
  
  168KB
- MD5
  
  d5aa54d4d8343f1cd994189707d5a734
- SHA1
  
  88f410dee7b64d7c754374fc78417add7f13e849
- SHA256
  
  5c957f3c0373b20e9bc29472376bbe2383b3f66e76761a0c6e52895e3907f667
- SHA512
  
  81f6e84877fec2f97646b2a3277db4aaf81f2db6da1274269db9772b64fd1657188de162d7d0c17a6383f407e4096ae1dfc96660ba34a257f27e64c621e4767d
- SSDEEP
  
  3072:RWEnTaB3HQXbZXi/KhSK6yeFGm/s+vDCQDnBaaSTustFUoUWUMgkWW4:RWEn8ARiC4dR/DNDnB5STDtFUoZ
Score

10^/10

discovery emotet banker persistence privilege_escalation trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

emotetbankerdiscoverypersistenceprivilege_escalationtrojan