emotet

General

Target

b36fcd01684ee655f8a546aa7a6993f0a0796340dcc8c191eb8b18364c6bb8ad
Size

38KB
Sample

220306-txadcacde8
MD5

243972754a00487c8e91500af011f4f4
SHA1

8d4114b6c35df2ff942e365ebbe6fc2dbb8be4e8
SHA256

b36fcd01684ee655f8a546aa7a6993f0a0796340dcc8c191eb8b18364c6bb8ad
SHA512

a6eb3b5ca966aae5bde31dcef13e6b08c868719572024880672b8798b5ba64c1e187d88de9cf5bdf5fcdd430dbb3c75db5d8c4dc28a46b8380cf43850d05ff88

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

72.202.237.228:80

123.202.209.62:80

104.236.28.47:8080

46.105.131.87:80

41.60.200.34:80

173.73.87.96:80

76.86.17.1:80

47.26.155.17:80

174.53.195.88:80

78.189.180.107:80

64.66.6.71:8080

189.212.199.126:443

120.151.135.224:80

178.20.74.212:80

139.130.241.252:443

108.6.170.195:80

209.97.168.52:8080

104.236.246.93:8080

209.146.22.34:443

181.143.126.170:80

rsa_pubkey.plain

Targets

- Target
  
  b36fcd01684ee655f8a546aa7a6993f0a0796340dcc8c191eb8b18364c6bb8ad
- Size
  
  38KB
- MD5
  
  243972754a00487c8e91500af011f4f4
- SHA1
  
  8d4114b6c35df2ff942e365ebbe6fc2dbb8be4e8
- SHA256
  
  b36fcd01684ee655f8a546aa7a6993f0a0796340dcc8c191eb8b18364c6bb8ad
- SHA512
  
  a6eb3b5ca966aae5bde31dcef13e6b08c868719572024880672b8798b5ba64c1e187d88de9cf5bdf5fcdd430dbb3c75db5d8c4dc28a46b8380cf43850d05ff88
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2