emotet

General

Target

9c33560693e80b82e246d75609e4e35c8d6d0f804df7a75a9e99fecdacc44002
Size

59KB
Sample

220724-2hc5paahh9
MD5

a2c47f6ffe53125d0dc415d5850ca2b8
SHA1

2fd768534db11f92fbd55b085652bf39a08a0bea
SHA256

9c33560693e80b82e246d75609e4e35c8d6d0f804df7a75a9e99fecdacc44002
SHA512

bbafc1c36217d1b7d52d8954118a4425752f87efd7d0cc4067c4338d86f19d54ab671ecdc42cec93d82d5612754e8797121e2f05b5bffe9899c7cf27ab9deba9

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

181.188.149.134:80

203.130.0.67:80

5.67.96.120:8080

189.245.135.12:143

143.0.245.169:8080

151.80.142.33:80

162.241.130.39:8080

128.199.78.227:8080

159.65.241.220:8080

109.104.79.48:8080

217.113.27.158:443

77.245.101.134:8080

183.87.87.73:80

178.79.163.131:8080

190.230.60.129:80

183.82.97.25:80

200.80.198.34:80

200.58.171.51:80

69.163.33.82:8080

77.122.183.203:8080

rsa_pubkey.plain

Targets

- Target
  
  9c33560693e80b82e246d75609e4e35c8d6d0f804df7a75a9e99fecdacc44002
- Size
  
  59KB
- MD5
  
  a2c47f6ffe53125d0dc415d5850ca2b8
- SHA1
  
  2fd768534db11f92fbd55b085652bf39a08a0bea
- SHA256
  
  9c33560693e80b82e246d75609e4e35c8d6d0f804df7a75a9e99fecdacc44002
- SHA512
  
  bbafc1c36217d1b7d52d8954118a4425752f87efd7d0cc4067c4338d86f19d54ab671ecdc42cec93d82d5612754e8797121e2f05b5bffe9899c7cf27ab9deba9
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2