emotet

General

Target

4c372cc3560daa6eefcf3d17a1aca0529bd1b43b7c4c5024d9884be17f0f602b
Size

65KB
Sample

220307-l5h2fsfhek
MD5

743bbf55fcac5109085838b18fa0ba08
SHA1

fccef012994d3d70a861d5fad4b6702235f43f74
SHA256

4c372cc3560daa6eefcf3d17a1aca0529bd1b43b7c4c5024d9884be17f0f602b
SHA512

e659809d48051f0a0fd794e8ad6388e3a4799844104ea7a9776dac4883e7ebb7f9489f17c82395bdff2245a641f60b2aa490e4b068ed14820cf15e4a642dfad4

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

173.247.19.238:80

174.81.132.128:80

211.44.35.111:80

165.227.156.155:443

167.99.105.223:7080

67.225.179.64:8080

176.31.200.130:8080

104.131.11.150:8080

68.118.26.116:80

190.226.44.20:21

120.150.246.241:80

92.222.216.44:8080

73.214.99.25:80

110.142.38.16:80

24.93.212.32:80

190.53.135.159:21

66.209.97.122:8080

173.91.11.142:80

100.14.117.137:80

2.237.76.249:80

rsa_pubkey.plain

Targets

- Target
  
  4c372cc3560daa6eefcf3d17a1aca0529bd1b43b7c4c5024d9884be17f0f602b
- Size
  
  65KB
- MD5
  
  743bbf55fcac5109085838b18fa0ba08
- SHA1
  
  fccef012994d3d70a861d5fad4b6702235f43f74
- SHA256
  
  4c372cc3560daa6eefcf3d17a1aca0529bd1b43b7c4c5024d9884be17f0f602b
- SHA512
  
  e659809d48051f0a0fd794e8ad6388e3a4799844104ea7a9776dac4883e7ebb7f9489f17c82395bdff2245a641f60b2aa490e4b068ed14820cf15e4a642dfad4
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2