emotet

General

Target

fc11f30fb0debf8b8f42a7e9c0678df69c8b171c0038ea7aca7217b43b3c220f_unpacked
Size

42KB
Sample

221026-3hvv6shheq
MD5

456164198bfac1ddc805d5bc13e034bd
SHA1

08a4c20704955f843e341b3af4eb837f7b620e9f
SHA256

78c114bffffa451891e4db668b8451e74b18c0871d460841cc35af87240056f1
SHA512

82c078dc9147f9f3cc077fdee5d5ae54a29a5bef3bf86c685045d228d4111c50f3a0304fb22ae96030eea9559b47accd7d1c1cee5b0b07f8605f3a2d5ee5afc4
SSDEEP

768:Ow9I7WgWid7/ayQMkYgVcGZfBLlUI3krOjvohw3Nj74cC4j5:O+ICY7/AhNZkrOjvxNDC85

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

173.73.87.96:80

71.222.233.135:443

60.250.78.22:443

80.86.91.91:8080

104.236.28.47:8080

162.241.92.219:8080

74.208.45.104:8080

178.20.74.212:80

85.105.205.77:8080

190.220.19.82:443

78.24.219.147:8080

47.26.155.17:80

110.44.113.2:80

113.52.123.226:7080

120.151.135.224:80

108.191.2.72:80

70.127.155.33:80

98.156.206.153:80

47.6.15.79:443

104.131.44.150:8080

rsa_pubkey.plain

Targets

- Target
  
  fc11f30fb0debf8b8f42a7e9c0678df69c8b171c0038ea7aca7217b43b3c220f_unpacked
- Size
  
  42KB
- MD5
  
  456164198bfac1ddc805d5bc13e034bd
- SHA1
  
  08a4c20704955f843e341b3af4eb837f7b620e9f
- SHA256
  
  78c114bffffa451891e4db668b8451e74b18c0871d460841cc35af87240056f1
- SHA512
  
  82c078dc9147f9f3cc077fdee5d5ae54a29a5bef3bf86c685045d228d4111c50f3a0304fb22ae96030eea9559b47accd7d1c1cee5b0b07f8605f3a2d5ee5afc4
- SSDEEP
  
  768:Ow9I7WgWid7/ayQMkYgVcGZfBLlUI3krOjvohw3Nj74cC4j5:O+ICY7/AhNZkrOjvxNDC85
Score

10^/10

emotet banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2