emotet

General

Target

40a4135b54149f01de1752678a5b624a6641439981b8d975d08e3269c4bc7378
Size

299KB
Sample

220708-syeh1sgadm
MD5

dc56fbb3339c3f9c743052f518c4922a
SHA1

98090597435d9f6836e06f5841450ca91be67f8a
SHA256

40a4135b54149f01de1752678a5b624a6641439981b8d975d08e3269c4bc7378
SHA512

6f9b12937054f9888c1f2b264b9290b75fcb029edb3cf5abe93068f26bf5981e1a7cc5e5d77da06228112a27869025c37f018801f7aa90066e18297dda47fb0a

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

186.90.29.228:443

181.135.153.203:443

74.208.68.48:8080

104.131.58.132:8080

68.183.190.199:8080

50.28.51.143:8080

77.55.211.77:8080

181.29.101.13:8080

178.79.163.131:8080

5.1.86.195:8080

187.188.166.192:80

203.25.159.3:8080

139.5.237.27:443

190.1.37.125:443

200.58.171.51:80

186.1.41.111:443

46.29.183.211:8080

109.169.86.13:8080

71.244.60.231:7080

159.203.204.126:8080

rsa_pubkey.plain

Targets

- Target
  
  40a4135b54149f01de1752678a5b624a6641439981b8d975d08e3269c4bc7378
- Size
  
  299KB
- MD5
  
  dc56fbb3339c3f9c743052f518c4922a
- SHA1
  
  98090597435d9f6836e06f5841450ca91be67f8a
- SHA256
  
  40a4135b54149f01de1752678a5b624a6641439981b8d975d08e3269c4bc7378
- SHA512
  
  6f9b12937054f9888c1f2b264b9290b75fcb029edb3cf5abe93068f26bf5981e1a7cc5e5d77da06228112a27869025c37f018801f7aa90066e18297dda47fb0a
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2