emotet

General

Target

432b3975390e77fa4eb9e16b8817f9862c5fdaedf646f086acb0a10c518ff857
Size

600KB
Sample

220707-3rlzmaahe8
MD5

3489fd0fe3792353c237c614505c1ef4
SHA1

875fadb82439ebd1f98b4d778c6f6f220e24ccea
SHA256

432b3975390e77fa4eb9e16b8817f9862c5fdaedf646f086acb0a10c518ff857
SHA512

3c17f2503bb34255fb54b74dc842a0c5082425c8d5551876b89d3ff583df1308f0f9fef4e7865a39746edc1e4a54b9a2dc7b2e5a1f008c3eb0faa9e9313bfa1c

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

86.22.221.170:80

187.144.61.73:443

185.94.252.13:443

46.105.131.87:80

69.164.201.54:8080

27.147.163.188:8080

182.176.106.43:995

115.78.95.230:443

87.106.139.101:8080

185.187.198.15:80

186.4.172.5:443

91.205.215.66:8080

47.41.213.2:22

87.230.19.21:8080

59.103.164.174:80

190.145.67.134:8090

92.222.216.44:8080

24.45.195.162:8443

190.211.207.11:443

169.239.182.217:8080

rsa_pubkey.plain

Targets

- Target
  
  432b3975390e77fa4eb9e16b8817f9862c5fdaedf646f086acb0a10c518ff857
- Size
  
  600KB
- MD5
  
  3489fd0fe3792353c237c614505c1ef4
- SHA1
  
  875fadb82439ebd1f98b4d778c6f6f220e24ccea
- SHA256
  
  432b3975390e77fa4eb9e16b8817f9862c5fdaedf646f086acb0a10c518ff857
- SHA512
  
  3c17f2503bb34255fb54b74dc842a0c5082425c8d5551876b89d3ff583df1308f0f9fef4e7865a39746edc1e4a54b9a2dc7b2e5a1f008c3eb0faa9e9313bfa1c
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2