emotet

General

Target

9b4d490d173c9656b238aef9779880b47303f4f5.exe
Size

370KB
Sample

221130-k964eaag7t
MD5

2cfd324d6f5bd0b92043276bf8d1ceee
SHA1

9b4d490d173c9656b238aef9779880b47303f4f5
SHA256

6e3b4a38d48c38c3a4b7cd900c9b77fd2d78b867912e49b10fbbea5b6be79980
SHA512

983239cbe337288a20c72644ed9c06ceecb8e5fd7b9ac11a56470964635788a714f9ac2b012577cb2343009f37f18f36575c9781fca859bc5c978647fa9e16c8
SSDEEP

6144:PvGO3yl828vcPvSyv8vrvvvLvvvLvvvrvvvLvvvrvjvrvTPnbH7fvTv1DhU8888I:z1yWG888888888888W88888888888ETB

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

91.121.116.137:443

80.79.23.144:443

192.254.173.31:8080

27.4.80.183:443

31.12.67.62:7080

95.128.43.213:8080

94.192.225.46:80

190.108.228.48:990

186.4.172.5:8080

87.230.19.21:8080

136.243.177.26:8080

185.94.252.13:443

206.189.98.125:8080

190.18.146.70:80

186.75.241.230:80

94.205.247.10:80

211.63.71.72:8080

190.186.203.55:80

115.78.95.230:443

212.71.234.16:8080

rsa_pubkey.plain

Targets

- Target
  
  9b4d490d173c9656b238aef9779880b47303f4f5.exe
- Size
  
  370KB
- MD5
  
  2cfd324d6f5bd0b92043276bf8d1ceee
- SHA1
  
  9b4d490d173c9656b238aef9779880b47303f4f5
- SHA256
  
  6e3b4a38d48c38c3a4b7cd900c9b77fd2d78b867912e49b10fbbea5b6be79980
- SHA512
  
  983239cbe337288a20c72644ed9c06ceecb8e5fd7b9ac11a56470964635788a714f9ac2b012577cb2343009f37f18f36575c9781fca859bc5c978647fa9e16c8
- SSDEEP
  
  6144:PvGO3yl828vcPvSyv8vrvvvLvvvLvvvrvvvLvvvrvjvrvTPnbH7fvTv1DhU8888I:z1yWG888888888888W88888888888ETB
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2