emotet

General

Target

2cae1ab2e5ed9e0700c01b3a1f825aa2e92dc05c.exe
Size

536KB
Sample

221130-gzbb7sgd8w
MD5

0b1ca8eb44d80598332d0ff9bc303925
SHA1

2cae1ab2e5ed9e0700c01b3a1f825aa2e92dc05c
SHA256

a33353b8af41a2c8c526cf73db3a091e48056c4b5e4e0c1ec13f416bde627754
SHA512

24c27edb5558fe0464c1fa9e776f51b48cdb50327e8089385258c4db3f4c9558f47d52a430edb04a2ec120d9278c505b84d20a8bfd5960c68bce54c2f8c85def
SSDEEP

6144:D1ZOaxx+MmZA1Y9A32k58rAvioCQgChm5JoUKz6n2n+wjEgUshb6IqQ60dYvltpu:ZZOaXtmZAcPNAvjW5Jo/jEg9b6rQPY

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

200.51.94.251:80

200.113.106.18:465

162.241.208.52:8080

167.71.10.37:8080

104.131.44.150:8080

94.192.225.46:80

138.201.140.110:8080

181.143.194.138:443

190.145.67.134:8090

104.131.11.150:8080

189.209.217.49:80

80.11.163.139:21

190.108.228.48:990

159.65.25.128:8080

47.41.213.2:22

67.225.229.55:8080

24.45.195.162:7080

85.54.169.141:8080

211.63.71.72:8080

87.106.136.232:8080

rsa_pubkey.plain

Targets

- Target
  
  2cae1ab2e5ed9e0700c01b3a1f825aa2e92dc05c.exe
- Size
  
  536KB
- MD5
  
  0b1ca8eb44d80598332d0ff9bc303925
- SHA1
  
  2cae1ab2e5ed9e0700c01b3a1f825aa2e92dc05c
- SHA256
  
  a33353b8af41a2c8c526cf73db3a091e48056c4b5e4e0c1ec13f416bde627754
- SHA512
  
  24c27edb5558fe0464c1fa9e776f51b48cdb50327e8089385258c4db3f4c9558f47d52a430edb04a2ec120d9278c505b84d20a8bfd5960c68bce54c2f8c85def
- SSDEEP
  
  6144:D1ZOaxx+MmZA1Y9A32k58rAvioCQgChm5JoUKz6n2n+wjEgUshb6IqQ60dYvltpu:ZZOaXtmZAcPNAvjW5Jo/jEg9b6rQPY
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2