emotet

General

Target

eb1e88cfa9d3456999060abd5ca5beba49f6770991d8eb4c320cad188e1cf208
Size

70KB
Sample

220306-rcv37scgbn
MD5

8a16d262602f24a3f3237cf2b314967c
SHA1

6b89667cbf81de0aa5849781fe8c9682ce759690
SHA256

eb1e88cfa9d3456999060abd5ca5beba49f6770991d8eb4c320cad188e1cf208
SHA512

a68c9b4d4214bcf236dd8825ea138b05ea87361158a8430eaa9d6c70e9283f1efe5ffc7ff01b3a9766ed400f13b491e9425223dc12c9e94ebe06a4a91654c046

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

88.156.97.210:80

199.19.237.192:80

190.108.228.48:990

212.129.24.82:8080

162.144.47.94:7080

77.237.248.136:8080

185.142.236.163:443

63.142.253.122:8080

78.24.219.147:8080

200.21.90.6:80

85.104.59.244:20

86.98.25.30:53

222.214.218.192:8080

5.196.74.210:8080

31.12.67.62:7080

190.145.67.134:8090

180.183.112.185:21

178.79.161.166:443

104.131.11.150:8080

101.187.237.217:20

rsa_pubkey.plain

Targets

- Target
  
  eb1e88cfa9d3456999060abd5ca5beba49f6770991d8eb4c320cad188e1cf208
- Size
  
  70KB
- MD5
  
  8a16d262602f24a3f3237cf2b314967c
- SHA1
  
  6b89667cbf81de0aa5849781fe8c9682ce759690
- SHA256
  
  eb1e88cfa9d3456999060abd5ca5beba49f6770991d8eb4c320cad188e1cf208
- SHA512
  
  a68c9b4d4214bcf236dd8825ea138b05ea87361158a8430eaa9d6c70e9283f1efe5ffc7ff01b3a9766ed400f13b491e9425223dc12c9e94ebe06a4a91654c046
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2