emotet

General

Target

82e24a083f89928b77dcdd9b4f69536197709755b456bb5565a04cee7f3a6bed
Size

74KB
Sample

220306-xznwaseag6
MD5

941082c4fd2be8cde0d3ce31ffbb061d
SHA1

5e202467d3194365c0d7288d32c83a11139f18c1
SHA256

82e24a083f89928b77dcdd9b4f69536197709755b456bb5565a04cee7f3a6bed
SHA512

29c794ffa01c15a4bf2f392430f1146df13e1208eace8e20ffc8005fbe8807f2d47a526a5fe690cf10c1ab349b05f07d4019295b440baa4b143428418da4582c

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

139.162.75.91:8080

107.170.24.125:8080

37.187.2.199:443

165.227.156.155:443

83.136.245.190:8080

144.76.56.36:8080

178.210.51.222:8080

104.236.246.93:8080

45.33.49.124:443

104.131.44.150:8080

189.209.217.49:80

152.89.236.214:8080

182.176.132.213:8090

80.11.163.139:21

183.102.238.69:465

115.78.95.230:443

95.128.43.213:8080

181.143.194.138:443

186.4.172.5:8080

5.196.74.210:8080

rsa_pubkey.plain

Targets

- Target
  
  82e24a083f89928b77dcdd9b4f69536197709755b456bb5565a04cee7f3a6bed
- Size
  
  74KB
- MD5
  
  941082c4fd2be8cde0d3ce31ffbb061d
- SHA1
  
  5e202467d3194365c0d7288d32c83a11139f18c1
- SHA256
  
  82e24a083f89928b77dcdd9b4f69536197709755b456bb5565a04cee7f3a6bed
- SHA512
  
  29c794ffa01c15a4bf2f392430f1146df13e1208eace8e20ffc8005fbe8807f2d47a526a5fe690cf10c1ab349b05f07d4019295b440baa4b143428418da4582c
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2