emotet

General

Target

e50f8fd47455de0dbb75b38d0302ca736d03d3cc8f4a51b4620e55fe3466012c
Size

58KB
Sample

220306-rmybbachdn
MD5

776687c64bb358e34d0b162aac81b6e3
SHA1

3cf5269c81fed40ec8bf3eede5eeccc315d8b40e
SHA256

e50f8fd47455de0dbb75b38d0302ca736d03d3cc8f4a51b4620e55fe3466012c
SHA512

4c56f650cf3b70326d84e37b9630880c633f61c5d49e782ce228cf07329f153671d5663362ae819c41bd5838b2ed46095e78fc3ac323ef675fd464915430245b

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

80.79.23.144:443

192.254.173.31:8080

67.225.229.55:8080

182.76.6.2:8080

95.128.43.213:8080

173.212.203.26:8080

103.97.95.218:143

5.196.74.210:8080

185.94.252.13:443

104.236.246.93:8080

178.79.161.166:443

63.142.253.122:8080

159.65.25.128:8080

78.24.219.147:8080

45.123.3.54:443

222.214.218.192:8080

190.226.44.20:21

181.143.194.138:443

149.202.153.252:8080

186.4.172.5:20

rsa_pubkey.plain

Targets

- Target
  
  e50f8fd47455de0dbb75b38d0302ca736d03d3cc8f4a51b4620e55fe3466012c
- Size
  
  58KB
- MD5
  
  776687c64bb358e34d0b162aac81b6e3
- SHA1
  
  3cf5269c81fed40ec8bf3eede5eeccc315d8b40e
- SHA256
  
  e50f8fd47455de0dbb75b38d0302ca736d03d3cc8f4a51b4620e55fe3466012c
- SHA512
  
  4c56f650cf3b70326d84e37b9630880c633f61c5d49e782ce228cf07329f153671d5663362ae819c41bd5838b2ed46095e78fc3ac323ef675fd464915430245b
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2