emotet

General

Target

9cf2c56e_by_Libranalysis
Size

419KB
Sample

210506-wxbv22bsms
MD5

9cf2c56ef2d9ed4c679013369c6bf4c0
SHA1

77a2d90daf8ccff12ba036924d49c0d57cfbc89b
SHA256

ea1025ebfb2cbc8b7ee79006a44c6c036329701015d45f6f3777e58915b83726
SHA512

824fa156c422176b7f41aeae17fe10ea40bd0cb4337a3093b76b7416add2412d6de606d12b0f50a9de0b68e92456728b4b6e1829f2c2324a667282c73a0e6598

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

47.148.241.179:80

24.204.47.87:80

80.86.91.91:8080

104.236.28.47:8080

87.106.136.232:8080

211.63.71.72:8080

113.52.123.226:7080

78.101.70.199:443

76.86.17.1:80

222.144.13.169:80

47.155.214.239:80

181.143.126.170:80

169.239.182.217:8080

181.126.70.117:80

209.137.209.84:443

207.177.72.129:8080

37.139.21.175:8080

149.202.153.252:8080

108.6.170.195:80

37.187.72.193:8080

rsa_pubkey.plain

Targets

- Target
  
  9cf2c56e_by_Libranalysis
- Size
  
  419KB
- MD5
  
  9cf2c56ef2d9ed4c679013369c6bf4c0
- SHA1
  
  77a2d90daf8ccff12ba036924d49c0d57cfbc89b
- SHA256
  
  ea1025ebfb2cbc8b7ee79006a44c6c036329701015d45f6f3777e58915b83726
- SHA512
  
  824fa156c422176b7f41aeae17fe10ea40bd0cb4337a3093b76b7416add2412d6de606d12b0f50a9de0b68e92456728b4b6e1829f2c2324a667282c73a0e6598
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2