emotet

General

Target

361531ae945f36019323f6047778a7b9f70093f3d41aa0507452b4c51a30d694
Size

292KB
Sample

210518-qwlrrpk7me
MD5

244374204971acc756b7ef1c1616e4a0
SHA1

50a3ca99a3e8009ebc70671ae6df4e84e67c9a2f
SHA256

361531ae945f36019323f6047778a7b9f70093f3d41aa0507452b4c51a30d694
SHA512

8c99f3d5c71b078b58932c764b9585c12dd7cc449b7509639d592a026aec69e630753f9008eff7c353f2eac27694978abb9980f7d9b67815f2d9b508e3ef1669

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

222.239.249.166:443

217.26.163.82:7080

91.205.173.54:8080

163.172.97.112:8080

216.70.88.55:8080

104.238.80.237:8080

162.144.46.90:8080

124.150.175.133:80

172.245.13.50:8080

5.189.148.98:8080

46.105.131.68:8080

190.217.1.149:80

200.55.168.82:20

176.58.93.123:80

216.75.37.196:8080

191.100.24.201:50000

193.34.144.138:8080

142.93.87.198:8080

139.162.185.116:443

192.241.220.183:8080

rsa_pubkey.plain

Targets

- Target
  
  361531ae945f36019323f6047778a7b9f70093f3d41aa0507452b4c51a30d694
- Size
  
  292KB
- MD5
  
  244374204971acc756b7ef1c1616e4a0
- SHA1
  
  50a3ca99a3e8009ebc70671ae6df4e84e67c9a2f
- SHA256
  
  361531ae945f36019323f6047778a7b9f70093f3d41aa0507452b4c51a30d694
- SHA512
  
  8c99f3d5c71b078b58932c764b9585c12dd7cc449b7509639d592a026aec69e630753f9008eff7c353f2eac27694978abb9980f7d9b67815f2d9b508e3ef1669
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2