emotet

General

Target

403ffc45012019acdb891d071e1ad5a23beac91ea6335048cb0484b38662858c
Size

474KB
Sample

220708-y76lraabd8
MD5

3f8241a5bc324829e73d61b60acac585
SHA1

64c29545cb2a567133540b1c2e88ebd5deeaf827
SHA256

403ffc45012019acdb891d071e1ad5a23beac91ea6335048cb0484b38662858c
SHA512

bd67ab3c8d937398c3cfd91ca11821a2b48d667949c5e799b69fd618d1cb0abe01e97f3fee1321611d60c8071bae462a65316de6f515d646a5712ca42d5504f8

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

124.240.198.66:80

186.75.241.230:80

181.143.194.138:443

45.79.188.67:8080

77.237.248.136:8080

185.142.236.163:443

63.142.253.122:8080

178.254.6.27:7080

190.211.207.11:443

78.188.105.159:21

182.176.106.43:995

178.79.161.166:443

206.189.98.125:8080

87.230.19.21:8080

80.11.163.139:443

101.187.237.217:20

190.18.146.70:80

86.98.25.30:53

92.222.125.16:7080

186.4.172.5:443

rsa_pubkey.plain

Targets

- Target
  
  403ffc45012019acdb891d071e1ad5a23beac91ea6335048cb0484b38662858c
- Size
  
  474KB
- MD5
  
  3f8241a5bc324829e73d61b60acac585
- SHA1
  
  64c29545cb2a567133540b1c2e88ebd5deeaf827
- SHA256
  
  403ffc45012019acdb891d071e1ad5a23beac91ea6335048cb0484b38662858c
- SHA512
  
  bd67ab3c8d937398c3cfd91ca11821a2b48d667949c5e799b69fd618d1cb0abe01e97f3fee1321611d60c8071bae462a65316de6f515d646a5712ca42d5504f8
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2