emotet

General

Target

a1ef1443ea9685cf6db0eee2a5ed0e19337e5f212af66459291b42bdc6f72906
Size

65KB
Sample

220306-vp2naseefr
MD5

5dab0a3d9d4fefee5efa393031d8dff9
SHA1

02fc6a29d63fe582e4a775989b0dbb61c02611c6
SHA256

a1ef1443ea9685cf6db0eee2a5ed0e19337e5f212af66459291b42bdc6f72906
SHA512

a05c2a24fc257c67f6ec3e6438c88d7d4c7c27055a06e29ec9ae37df606e09ad6aa93b97fc915b61b6897fc8b47b7da0494d0c6ce4d011c184668afde6ba563d

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

24.181.125.62:80

98.156.206.153:80

173.21.26.90:80

108.61.99.179:8080

165.227.156.155:443

159.69.89.130:8080

167.99.105.223:7080

5.196.74.210:8080

200.7.243.108:443

183.102.238.69:465

64.147.15.138:80

85.152.174.56:80

59.148.227.190:80

62.75.187.192:8080

174.77.190.137:8080

87.106.139.101:8080

173.247.19.238:80

2.38.99.79:80

178.210.51.222:8080

209.141.54.221:8080

rsa_pubkey.plain

Targets

- Target
  
  a1ef1443ea9685cf6db0eee2a5ed0e19337e5f212af66459291b42bdc6f72906
- Size
  
  65KB
- MD5
  
  5dab0a3d9d4fefee5efa393031d8dff9
- SHA1
  
  02fc6a29d63fe582e4a775989b0dbb61c02611c6
- SHA256
  
  a1ef1443ea9685cf6db0eee2a5ed0e19337e5f212af66459291b42bdc6f72906
- SHA512
  
  a05c2a24fc257c67f6ec3e6438c88d7d4c7c27055a06e29ec9ae37df606e09ad6aa93b97fc915b61b6897fc8b47b7da0494d0c6ce4d011c184668afde6ba563d
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2