emotet | 74bd4f139de8ca014c29d61380e6fcdc9949946fc97881a3812807c933476383 | Triage

Sharing

General

Target

e873ef3bc2caa3fd3d16b9263bfd2ef4_JaffaCakes118
Size

170KB
Sample

240918-gkkmbswdjn
MD5

e873ef3bc2caa3fd3d16b9263bfd2ef4
SHA1

d39ceab964bda2d1948ff2980492f95399e7d3fa
SHA256

74bd4f139de8ca014c29d61380e6fcdc9949946fc97881a3812807c933476383
SHA512

46e7231de43020c18a5a5a495eee560e0a75a05b2f488a648a070f6b0c0167b24bc5bcfb472cf0a77df61a5b1b25c1b8775f138bf17ae9b7bc8028dba64661b7
SSDEEP

3072:NSNzFEhUHHIUjCgArLEZXApH3UHE360eBSYUAseMh6SepsMdPH:aFNHIU2Y9KEHE36ZBSYEMpH

Score

10^/10

emotet banker discovery trojan

Malware Config

Targets

- Target
  
  e873ef3bc2caa3fd3d16b9263bfd2ef4_JaffaCakes118
- Size
  
  170KB
- MD5
  
  e873ef3bc2caa3fd3d16b9263bfd2ef4
- SHA1
  
  d39ceab964bda2d1948ff2980492f95399e7d3fa
- SHA256
  
  74bd4f139de8ca014c29d61380e6fcdc9949946fc97881a3812807c933476383
- SHA512
  
  46e7231de43020c18a5a5a495eee560e0a75a05b2f488a648a070f6b0c0167b24bc5bcfb472cf0a77df61a5b1b25c1b8775f138bf17ae9b7bc8028dba64661b7
- SSDEEP
  
  3072:NSNzFEhUHHIUjCgArLEZXApH3UHE360eBSYUAseMh6SepsMdPH:aFNHIU2Y9KEHE36ZBSYEMpH
Score

10^/10

emotet banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetbankerdiscoverytrojan

behavioral2

emotetbankerdiscoverytrojan