emotet

General

Target

3100dbae5e9b0f5e8e6d4252ea37d57f307c2a2f8f91676524d4de3fbda8fb51
Size

474KB
Sample

220621-bem8dahfe7
MD5

3e04bfc5672c71b284b5878549294f29
SHA1

1087a9e95166308b40f64551c2f0b68caa28c0dc
SHA256

3100dbae5e9b0f5e8e6d4252ea37d57f307c2a2f8f91676524d4de3fbda8fb51
SHA512

ab62d71122c35fe2fce3e1b097eef682f8edbd4b92f36b8b833a86675c4594ae18cfdb67bf1851427847e20ecead685479c09dc214e7c1e6d050c9d9a93dc6e1

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

110.36.234.146:80

197.211.244.6:443

125.99.61.162:7080

115.88.70.226:7080

162.241.232.82:8080

194.50.163.106:8080

162.214.27.219:7080

203.150.19.63:443

179.62.18.56:443

93.78.205.196:443

176.58.93.123:80

138.197.140.163:8080

181.113.229.139:990

201.244.125.210:995

186.10.16.244:53

83.169.33.157:8080

45.33.1.161:8080

186.117.174.26:80

186.93.167.147:443

148.240.52.172:80

rsa_pubkey.plain

Targets

- Target
  
  3100dbae5e9b0f5e8e6d4252ea37d57f307c2a2f8f91676524d4de3fbda8fb51
- Size
  
  474KB
- MD5
  
  3e04bfc5672c71b284b5878549294f29
- SHA1
  
  1087a9e95166308b40f64551c2f0b68caa28c0dc
- SHA256
  
  3100dbae5e9b0f5e8e6d4252ea37d57f307c2a2f8f91676524d4de3fbda8fb51
- SHA512
  
  ab62d71122c35fe2fce3e1b097eef682f8edbd4b92f36b8b833a86675c4594ae18cfdb67bf1851427847e20ecead685479c09dc214e7c1e6d050c9d9a93dc6e1
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2