emotet

Resubmissions

13-09-2021 08:50

210913-krwvqagdfp 10

13-09-2021 08:11

210913-j3mkragdcp 10

Sharing

Copy URL

Twitter E-mail

General

Target

6b822efac2de6532c4d638c11002382704e6ce27c2549667abe0ca3cf047b56c
Size

648KB
Sample

210913-krwvqagdfp
MD5

16bcd0a10f1a57d1194165dc42fab16f
SHA1

71d05db8382ea1954bcebea4229b6bfddb78c5cb
SHA256

6b822efac2de6532c4d638c11002382704e6ce27c2549667abe0ca3cf047b56c
SHA512

9c85849680ab5ffd5acf21709f7723b4d13e35c3002a9952e16ab21458f32dd2bf3942d23d996c9020b574881d0a3eb6a4fb6ab4a9743b405433d31cbffa82c7

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

162.154.38.103:80

95.216.118.202:8080

60.250.78.22:443

120.151.135.224:80

101.187.97.173:80

185.94.252.104:443

168.235.67.138:7080

103.86.49.11:8080

92.222.216.44:8080

190.160.53.126:80

31.31.77.83:443

195.244.215.206:80

5.196.74.210:8080

79.45.112.220:80

41.60.200.34:80

95.213.236.64:8080

5.39.91.110:7080

58.171.38.26:80

209.151.248.242:8080

178.20.74.212:80

rsa_pubkey.plain

Targets

- Target
  
  6b822efac2de6532c4d638c11002382704e6ce27c2549667abe0ca3cf047b56c
- Size
  
  648KB
- MD5
  
  16bcd0a10f1a57d1194165dc42fab16f
- SHA1
  
  71d05db8382ea1954bcebea4229b6bfddb78c5cb
- SHA256
  
  6b822efac2de6532c4d638c11002382704e6ce27c2549667abe0ca3cf047b56c
- SHA512
  
  9c85849680ab5ffd5acf21709f7723b4d13e35c3002a9952e16ab21458f32dd2bf3942d23d996c9020b574881d0a3eb6a4fb6ab4a9743b405433d31cbffa82c7
Score

10^/10

emotet epoch2 banker trojan suricata
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8
  suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2