emotet

General

Target

7f3e486aa756ead0ab26785b70608e6bd601abc3187e3364d7399d879654fd77
Size

58KB
Sample

220306-yzy7psgcgq
MD5

8e7208eb64c1d0081c7f1fb31be0f82a
SHA1

9ef1d16d997e656a24cc34e0aa4121521166d63f
SHA256

7f3e486aa756ead0ab26785b70608e6bd601abc3187e3364d7399d879654fd77
SHA512

765289eeddde4a43ae9c870aadb901a01564f6552415d5c2bfbb8e18792b3b0db2ecedd826fbce8cf0925a5dc276756eb3d58f1862455f732fe994dcda7d1528

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

86.22.221.170:80

187.144.61.73:443

185.94.252.13:443

94.177.216.217:8080

46.105.131.87:80

185.187.198.15:80

189.209.217.49:80

159.65.25.128:8080

5.196.74.210:8080

173.212.203.26:8080

200.71.148.138:8080

211.63.71.72:8080

67.225.229.55:8080

124.240.198.66:80

217.160.182.191:8080

24.45.195.162:8443

104.131.44.150:8080

37.157.194.134:443

94.192.225.46:80

87.230.19.21:8080

rsa_pubkey.plain

Targets

- Target
  
  7f3e486aa756ead0ab26785b70608e6bd601abc3187e3364d7399d879654fd77
- Size
  
  58KB
- MD5
  
  8e7208eb64c1d0081c7f1fb31be0f82a
- SHA1
  
  9ef1d16d997e656a24cc34e0aa4121521166d63f
- SHA256
  
  7f3e486aa756ead0ab26785b70608e6bd601abc3187e3364d7399d879654fd77
- SHA512
  
  765289eeddde4a43ae9c870aadb901a01564f6552415d5c2bfbb8e18792b3b0db2ecedd826fbce8cf0925a5dc276756eb3d58f1862455f732fe994dcda7d1528
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2