emotet

General

Target

0b96754a84bc2c01e4e8d64a534c03b5636fb6e958f7c381f9c27e646466cd32
Size

348KB
Sample

220205-ycpdzsegc7
MD5

272220cefcb1b929e0fe0bb6da3557ca
SHA1

d302ddbad294b31e3d92bd1ea1eb7bd64d142a1f
SHA256

0b96754a84bc2c01e4e8d64a534c03b5636fb6e958f7c381f9c27e646466cd32
SHA512

5574e8a7dc7dfb07650c613aab678cfd93ef48b3674779f22bed321ab266f0c4b0b6b31f8eb907a6836f7c7677e1c4739ccefa1214c9e7d6cfe52fbb213f7288

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

70.48.238.90:80

82.223.70.24:8080

190.160.53.126:80

113.61.66.94:80

180.222.165.169:80

59.148.227.190:80

189.154.128.205:80

46.105.131.87:80

110.145.77.103:80

211.63.71.72:8080

98.156.206.153:80

209.151.248.242:8080

91.205.215.66:443

136.243.205.112:7080

104.32.141.43:80

115.65.111.148:443

212.174.19.87:80

168.235.67.138:7080

200.123.150.89:443

5.196.74.210:8080

rsa_pubkey.plain

Targets

- Target
  
  0b96754a84bc2c01e4e8d64a534c03b5636fb6e958f7c381f9c27e646466cd32
- Size
  
  348KB
- MD5
  
  272220cefcb1b929e0fe0bb6da3557ca
- SHA1
  
  d302ddbad294b31e3d92bd1ea1eb7bd64d142a1f
- SHA256
  
  0b96754a84bc2c01e4e8d64a534c03b5636fb6e958f7c381f9c27e646466cd32
- SHA512
  
  5574e8a7dc7dfb07650c613aab678cfd93ef48b3674779f22bed321ab266f0c4b0b6b31f8eb907a6836f7c7677e1c4739ccefa1214c9e7d6cfe52fbb213f7288
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2