Corporate Loader "Emotet": History of "X" Project Return for Ransomware
Tags
cmtmf-attack-pattern: Automated Exfiltration; Command-Line Interface; Data Encrypted
attack-pattern: Data Model Models; Botnet - T1583.005; Botnet - T1584.005; Code Signing - T1553.002; Command-Line Interface - T1605; Data Encrypted For Impact - T1471; Data Encrypted For Impact - T1486; Domain Trust Discovery - T1482; Exploitation Of Remote Services - T1428; File And Directory Discovery - T1420; Kerberoasting - T1558.003; Malware - T1587.001; Malware - T1588.001; System Information Discovery - T1426; Mshta - T1218.005; Multi-Hop Proxy - T1090.003; Pass The Hash - T1550.002; Pass The Ticket - T1550.003; Powershell - T1059.001; Regsvcs/Regasm - T1218.009; Regsvr32 - T1218.010; Rundll32 - T1218.011; Spearphishing Attachment - T1566.001; Spearphishing Attachment - T1598.002; Spearphishing Link - T1566.002; Spearphishing Link - T1598.003; Xsl Script Processing - T1220; Access Token Manipulation - T1134; Account Discovery - T1087; Automated Exfiltration - T1020; Man In The Browser - T1185; Bypass User Account Control - T1088; Code Signing - T1116; Command-Line Interface - T1059; Create Account - T1136; Credential Dumping - T1003; Custom Command And Control Protocol - T1094; Data Encoding - T1132; Data Encrypted - T1022; Data Obfuscation - T1001; Data Staged - T1074; Email Collection - T1114; Execution Through Module Load - T1129; Exfiltration Over Alternative Protocol - T1048; Exfiltration Over Command And Control Channel - T1041; Exploitation Of Remote Services - T1210; File And Directory Discovery - T1083; Kerberoasting - T1208; Mshta - T1170; Multi-Hop Proxy - T1188; Multilayer Encryption - T1079; Network Share Discovery - T1135; New Service - T1050; Pass The Hash - T1075; Pass The Ticket - T1097; Password Policy Discovery - T1201; Powershell - T1086; Regsvcs/Regasm - T1121; Regsvr32 - T1117; Rundll32 - T1085; Scripting - T1064; Spearphishing Attachment - T1193; Spearphishing Link - T1192; System Information Discovery - T1082; Command-Line Interface; Exploitation Of Remote Services; Scripting; Spearphishing Attachment
Common Information
Type Value
UUID 8909d1c1-52ea-4d6a-9a06-4d0425dd59b8
Fingerprint b516ccf929258712
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 19, 2021, 6:52 p.m.
Added to db Sept. 26, 2022, 9:33 a.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline Corporate Loader "Emotet": History of "X" Project Return for Ransomware
Title Corporate Loader "Emotet": History of "X" Project Return for Ransomware
Detected Hints/Tags/Attributes 154/2/43
Attributes
Type | #Events | Value
Domain | 1373 | twitter.com
File | 9 | x.dll
MITRE ATT&CK Techniques | 49 | T1193
MITRE ATT&CK Techniques | 23 | T1192
MITRE ATT&CK Techniques | 695 | T1059
MITRE ATT&CK Techniques | 120 | T1129
MITRE ATT&CK Techniques | 86 | T1136
MITRE ATT&CK Techniques | 116 | T1134
MITRE ATT&CK Techniques | 14 | T1116
MITRE ATT&CK Techniques | 36 | T1050
MITRE ATT&CK Techniques | 80 | T1064
MITRE ATT&CK Techniques | 27 | T1085
MITRE ATT&CK Techniques | 15 | T1117
MITRE ATT&CK Techniques | 5 | T1121
MITRE ATT&CK Techniques | 41 | T1086
MITRE ATT&CK Techniques | 12 | T1170
MITRE ATT&CK Techniques | 14 | T1220
MITRE ATT&CK Techniques | 1 | T1208
MITRE ATT&CK Techniques | 289 | T1003
MITRE ATT&CK Techniques | 176 | T1135
MITRE ATT&CK Techniques | 11 | T1201
MITRE ATT&CK Techniques | 585 | T1083
MITRE ATT&CK Techniques | 124 | T1482
MITRE ATT&CK Techniques | 179 | T1087
MITRE ATT&CK Techniques | 1006 | T1082
MITRE ATT&CK Techniques | 6 | T1097
MITRE ATT&CK Techniques | 7 | T1075
MITRE ATT&CK Techniques | 109 | T1210
MITRE ATT&CK Techniques | 67 | T1074
MITRE ATT&CK Techniques | 89 | T1114
MITRE ATT&CK Techniques | 27 | T1185
MITRE ATT&CK Techniques | 75 | T1001
MITRE ATT&CK Techniques | 96 | T1132
MITRE ATT&CK Techniques | 7 | T1188
MITRE ATT&CK Techniques | 28 | T1022
MITRE ATT&CK Techniques | 102 | T1020
MITRE ATT&CK Techniques | 422 | T1041
MITRE ATT&CK Techniques | 472 | T1486
MITRE ATT&CK Techniques | 29 | T1088
MITRE ATT&CK Techniques | 23 | T1094
MITRE ATT&CK Techniques | 92 | T1048
MITRE ATT&CK Techniques | 6 | T1079
Url | 1 | https://twitter.com/vk_intel/status/1460308855129313281