emotet

General

Target

61a2f90d5f2c5c539d72b37f98163e58a34f1724d284ed0a1f3ceb46f1b3f642
Size

368KB
Sample

210509-x67jsnz9ze
MD5

6dd10b32ae1922ed8d8bc12dbe37bc99
SHA1

46c753db17c369d6cff7ac117593f5e0696e752b
SHA256

61a2f90d5f2c5c539d72b37f98163e58a34f1724d284ed0a1f3ceb46f1b3f642
SHA512

fc52c8b1d66de0dedf12c12d2100971181a5c46cf769ae819a9a8257c2543a2c9af533cc29908bb69a1a44f71de65a818b96db2b235c7697dddba40cc90e6eaa

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

177.103.159.44:80

113.190.254.245:80

103.31.232.93:443

91.236.4.234:443

110.145.124.178:443

120.150.76.215:80

45.161.242.102:80

82.240.207.95:443

177.66.190.130:80

203.25.159.3:8080

91.191.206.60:443

89.19.20.202:443

177.72.13.80:80

188.129.197.149:80

73.239.11.159:80

181.61.224.26:80

190.210.236.139:80

68.183.190.199:8080

47.150.248.161:80

152.231.89.226:80

rsa_pubkey.plain

Targets

- Target
  
  61a2f90d5f2c5c539d72b37f98163e58a34f1724d284ed0a1f3ceb46f1b3f642
- Size
  
  368KB
- MD5
  
  6dd10b32ae1922ed8d8bc12dbe37bc99
- SHA1
  
  46c753db17c369d6cff7ac117593f5e0696e752b
- SHA256
  
  61a2f90d5f2c5c539d72b37f98163e58a34f1724d284ed0a1f3ceb46f1b3f642
- SHA512
  
  fc52c8b1d66de0dedf12c12d2100971181a5c46cf769ae819a9a8257c2543a2c9af533cc29908bb69a1a44f71de65a818b96db2b235c7697dddba40cc90e6eaa
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2