emotet

General

Target

85041bd519680b653c8a44c704db4906b0e4d99f5947c3ed209765b4f02cc27c
Size

356KB
Sample

220302-gmetvsdcg4
MD5

709e3512ad4e3520bc90bd78546fd706
SHA1

638b52a7515e01326fa216a57118785ee1668819
SHA256

85041bd519680b653c8a44c704db4906b0e4d99f5947c3ed209765b4f02cc27c
SHA512

b1ebe1bbc96321e563063c740f3a869bd82f7f7dc4982dffb62f59d6beb7391339466b934248c5a2b55c2a1735acc2b75b2f02df521caa29b45ce6cfb705e83c

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

102.182.145.130:80

173.173.254.105:80

64.207.182.168:8080

51.89.199.141:8080

167.114.153.111:8080

173.63.222.65:80

218.147.193.146:80

59.125.219.109:443

172.104.97.173:8080

190.162.215.233:80

68.115.186.26:80

78.188.106.53:443

190.240.194.77:443

24.133.106.23:80

80.227.52.78:80

79.137.83.50:443

120.150.218.241:443

62.171.142.179:8080

194.4.58.192:7080

62.30.7.67:443

rsa_pubkey.plain

Targets

- Target
  
  85041bd519680b653c8a44c704db4906b0e4d99f5947c3ed209765b4f02cc27c
- Size
  
  356KB
- MD5
  
  709e3512ad4e3520bc90bd78546fd706
- SHA1
  
  638b52a7515e01326fa216a57118785ee1668819
- SHA256
  
  85041bd519680b653c8a44c704db4906b0e4d99f5947c3ed209765b4f02cc27c
- SHA512
  
  b1ebe1bbc96321e563063c740f3a869bd82f7f7dc4982dffb62f59d6beb7391339466b934248c5a2b55c2a1735acc2b75b2f02df521caa29b45ce6cfb705e83c
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet Payload
  Detects Emotet payload in memory.
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2

T1082

Query Registry

1

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet Payload

Executes dropped EXE

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2