emotet

General

Target

f0a675fb8dfd2b1d1659e6dcfe78f8d5fe6f22baf55806f539739fda72e1ae66
Size

296KB
Sample

220303-ls5ppacbdl
MD5

8c90c18f5b6f849e39bb78fbe63239f9
SHA1

7333b1e117984fbd9ed8b3e20e7d60968319305e
SHA256

f0a675fb8dfd2b1d1659e6dcfe78f8d5fe6f22baf55806f539739fda72e1ae66
SHA512

f7d45ec58784495c82e6b28a67906fd2cda6b24e9a21ebc73f1d63e73a09e14c2347a0097c278e57287ec2d35a92111d13ce92db91a4c23b6ef487ddbe3ee1b1

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

12.30.50.130:80

120.138.30.150:8080

139.59.67.118:443

94.23.216.33:80

70.121.172.89:80

139.130.242.43:80

83.169.36.251:8080

89.205.113.80:80

24.137.76.62:80

201.173.217.124:443

87.106.136.232:8080

173.62.217.22:443

78.24.219.147:8080

190.55.181.54:443

85.152.162.105:80

24.179.13.119:80

139.59.60.244:8080

95.179.229.244:8080

162.241.242.173:8080

137.119.36.33:80

rsa_pubkey.plain

Targets

- Target
  
  f0a675fb8dfd2b1d1659e6dcfe78f8d5fe6f22baf55806f539739fda72e1ae66
- Size
  
  296KB
- MD5
  
  8c90c18f5b6f849e39bb78fbe63239f9
- SHA1
  
  7333b1e117984fbd9ed8b3e20e7d60968319305e
- SHA256
  
  f0a675fb8dfd2b1d1659e6dcfe78f8d5fe6f22baf55806f539739fda72e1ae66
- SHA512
  
  f7d45ec58784495c82e6b28a67906fd2cda6b24e9a21ebc73f1d63e73a09e14c2347a0097c278e57287ec2d35a92111d13ce92db91a4c23b6ef487ddbe3ee1b1
Score

10^/10

emotet epoch2 banker trojan suricata
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M10
  suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M10
  suricata
- Emotet Payload
  Detects Emotet payload in memory.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M10

Emotet Payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2