emotet

General

Target

5d4c36b4986c34336f188e1782f1ac8f650d30de84578e78fbaa8b2e6d479cb6
Size

78KB
Sample

220307-hb1gvsbebr
MD5

04f8bea5c6d6bb8336e85afb32804945
SHA1

5181f6572f0a810b2e8a0d5ab5005b35c044c0c0
SHA256

5d4c36b4986c34336f188e1782f1ac8f650d30de84578e78fbaa8b2e6d479cb6
SHA512

e50a12fc6ead5b4627a8b301254ab4ea629b055eed0e7a20a38e6fd8a284b1461ae8e3da09e7b6f9bcaca019b977ce5dc6a86d6be32cd68fa6a0dfc320b888f2

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

148.72.151.34:8080

37.187.2.199:443

173.249.47.77:8080

124.240.198.66:80

212.71.234.16:8080

87.230.19.21:8080

46.105.131.87:80

190.226.44.20:21

92.222.216.44:8080

78.24.219.147:8080

186.4.172.5:20

178.79.161.166:443

186.75.241.230:80

192.81.213.192:8080

103.39.131.88:80

189.159.113.125:8080

169.239.182.217:8080

189.209.217.49:80

217.160.182.191:8080

59.103.164.174:80

rsa_pubkey.plain

Targets

- Target
  
  5d4c36b4986c34336f188e1782f1ac8f650d30de84578e78fbaa8b2e6d479cb6
- Size
  
  78KB
- MD5
  
  04f8bea5c6d6bb8336e85afb32804945
- SHA1
  
  5181f6572f0a810b2e8a0d5ab5005b35c044c0c0
- SHA256
  
  5d4c36b4986c34336f188e1782f1ac8f650d30de84578e78fbaa8b2e6d479cb6
- SHA512
  
  e50a12fc6ead5b4627a8b301254ab4ea629b055eed0e7a20a38e6fd8a284b1461ae8e3da09e7b6f9bcaca019b977ce5dc6a86d6be32cd68fa6a0dfc320b888f2
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2