312-50V13 · Question #422
Mason, a professional hacker, targets an organization and spreads Emotet malware through malicious script. After infecting the victim's device. Mason further used Emotet to spread the infection across
The correct answer is D. Credential enumerator. Explanation Option D (Credential enumerator) is correct because Emotet malware uses a built-in credential enumerator tool - delivered as a self-extracting RAR file - specifically designed to scan and retrieve information about network resources, including writable share drives, e
Question
Options
- ANetPass.exe
- BOutlook scraper
- CWebBrowserPassView
- DCredential enumerator
How the community answered
(40 responses)- A18% (7)
- B5% (2)
- C5% (2)
- D73% (29)
Explanation
Explanation
Option D (Credential enumerator) is correct because Emotet malware uses a built-in credential enumerator tool - delivered as a self-extracting RAR file - specifically designed to scan and retrieve information about network resources, including writable share drives, enabling lateral movement across local networks and beyond.
Why the distractors are wrong:
- Option A (NetPass.exe) is a network password recovery tool used to retrieve passwords stored on a system, not to enumerate network share resources.
- Option B (Outlook scraper) is an Emotet module, but its purpose is to harvest email addresses and contacts from Microsoft Outlook - unrelated to network share enumeration.
- Option C (WebBrowserPassView) is a password recovery tool that extracts credentials saved in web browsers, not a network resource discovery tool.
Memory Tip: Think "Credential Enumerator = Network Explorer" - despite its name focusing on credentials, this Emotet tool enumerates network resources (writable shares) packaged as a self-extracting RAR, which is its defining characteristic in exam scenarios. If the question mentions self-extracting RAR + network shares + lateral movement, always think Credential Enumerator.
Topics
Community Discussion
No community discussion yet for this question.