emotet

General

Target

855e8406864d3dfa68d9cb47dee06bbb724dc1cb94b57629e5da7493cedddbac
Size

60KB
Sample

220724-2hh1yabaa6
MD5

963a535c91a247a145b304bc2f86b8d9
SHA1

928e856ac15af344e2f8a3ee62d3fcb793195b30
SHA256

855e8406864d3dfa68d9cb47dee06bbb724dc1cb94b57629e5da7493cedddbac
SHA512

e037b667ba56ee54f8b6c1b09231a6857660fbd32920d4b23c7c50065a2491d407622f8d8954c8291a698dbcfa9577fd47efe5c68fa074e3d14cf467c6522c3b

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

144.76.56.36:8080

78.47.106.72:8080

165.227.156.155:443

192.241.255.77:8080

83.136.245.190:8080

91.205.215.66:8080

190.226.44.20:21

186.75.241.230:80

217.160.182.191:8080

190.145.67.134:8090

86.22.221.170:80

149.202.153.252:8080

80.11.163.139:21

181.31.213.158:8080

183.102.238.69:465

186.4.172.5:8080

104.131.44.150:8080

211.63.71.72:8080

31.172.240.91:8080

115.78.95.230:443

rsa_pubkey.plain

Targets

- Target
  
  855e8406864d3dfa68d9cb47dee06bbb724dc1cb94b57629e5da7493cedddbac
- Size
  
  60KB
- MD5
  
  963a535c91a247a145b304bc2f86b8d9
- SHA1
  
  928e856ac15af344e2f8a3ee62d3fcb793195b30
- SHA256
  
  855e8406864d3dfa68d9cb47dee06bbb724dc1cb94b57629e5da7493cedddbac
- SHA512
  
  e037b667ba56ee54f8b6c1b09231a6857660fbd32920d4b23c7c50065a2491d407622f8d8954c8291a698dbcfa9577fd47efe5c68fa074e3d14cf467c6522c3b
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2