emotet | 9be66879d58cd5818e6d919edb4e333490d28fdf838bf0648662b5aab928c0a8 | Triage

Sharing

General

Target

9be66879d58cd5818e6d919edb4e333490d28fdf838bf0648662b5aab928c0a8
Size

496KB
Sample

220521-w3k35sebbr
MD5

10f3c6b27a35cb5e2566513a046f25db
SHA1

b681daaa552affa3fe7803061127c9bc70cb90d5
SHA256

9be66879d58cd5818e6d919edb4e333490d28fdf838bf0648662b5aab928c0a8
SHA512

8f79f42e8319d2c86c8205e3a4c61653cb26875f401682e0b032ba9ebe61ebffeaec88348e63d2dea2b910648db5089d03bda78ccaba8378b25aa6ba20dc22f5

Score

10^/10

emotet epoch3 banker suricata trojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

210.1.219.238:80

162.144.42.60:8080

134.209.193.138:443

68.183.233.80:8080

172.105.78.244:8080

181.113.229.139:443

139.59.12.63:8080

185.142.236.163:443

113.203.250.121:443

74.208.173.91:8080

173.94.215.84:80

31.146.61.34:80

115.78.11.155:80

95.216.205.155:8080

82.239.200.118:80

81.17.93.134:80

179.5.118.12:80

162.249.220.190:80

77.74.78.80:443

24.26.151.3:80

rsa_pubkey.plain

Targets

- Target
  
  9be66879d58cd5818e6d919edb4e333490d28fdf838bf0648662b5aab928c0a8
- Size
  
  496KB
- MD5
  
  10f3c6b27a35cb5e2566513a046f25db
- SHA1
  
  b681daaa552affa3fe7803061127c9bc70cb90d5
- SHA256
  
  9be66879d58cd5818e6d919edb4e333490d28fdf838bf0648662b5aab928c0a8
- SHA512
  
  8f79f42e8319d2c86c8205e3a4c61653cb26875f401682e0b032ba9ebe61ebffeaec88348e63d2dea2b910648db5089d03bda78ccaba8378b25aa6ba20dc22f5
Score

10^/10

emotet epoch3 banker suricata trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9
  suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

emotetepoch3bankersuricatatrojan

behavioral2

emotetepoch3bankertrojan