Emotet malware analysis. Part 2.
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 |
Common Information
| Type | Value |
|---|---|
| UUID | dbb1b669-f15d-4c31-a026-c4e0dcf4fd8d |
| Fingerprint | b21418352ff70695 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 7, 2019, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 6:53 p.m. |
| Headline | [ Emotet malware analysis. Part 2. ] |
| Title | Emotet malware analysis. Part 2. |
| Detected Hints/Tags/Attributes | 27/2/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://persianov.net/emotet-malware-analysis-part-2 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | biederman.net |
|
| Details | File | 1 | dfdwiz.exe |
|
| Details | File | 748 | kernel32.dll |
|
| Details | File | 291 | user32.dll |
|
| Details | File | 76 | gdi32.dll |
|
| Details | File | 229 | advapi32.dll |
|
| Details | File | 185 | shell32.dll |
|
| Details | File | 69 | shlwapi.dll |
|
| Details | File | 82 | kernelbase.dll |
|
| Details | File | 533 | ntdll.dll |
|
| Details | File | 1 | ipropslide.exe |
|
| Details | sha1 | 1 | cebb919d8d04f224b78181a4d3f0b10a315ae2f2 |
|
| Details | IPv4 | 1 | 45.36.20.17 |
|
| Details | IPv4 | 1 | 103.39.131.88 |
|
| Details | IPv4 | 1 | 86.239.117.57 |
|
| Details | Url | 2 | http://biederman.net/leslie/ll |