emotet

General

Target

0ec4517f2ce8dc1685cd8ea3a2d6c17ed2b4fd90ee7461b03c0313b61f40c169
Size

474KB
Sample

221130-wqs8zsfe4v
MD5

c9afb54377f7916c283437a2c454b1f7
SHA1

b403c67faade94d1297475c73d1f237480cf2292
SHA256

0ec4517f2ce8dc1685cd8ea3a2d6c17ed2b4fd90ee7461b03c0313b61f40c169
SHA512

6d9a9bf0333d36016403bdedb2c3bc8246c6db595ced86c0d61f14d1875671c82ffc0cd869a5838cd8ea2c152c45df498bf6403a8f3b0a14dc7ab00790663075
SSDEEP

6144:weFrEMus74tW3HvPgADDnz/HXnr/vYito7LFDPMTJYhr64Fg0:1tEMus70im7LFPMdV4Fg0

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

110.36.234.146:80

197.211.244.6:443

125.99.61.162:7080

115.88.70.226:7080

162.241.232.82:8080

194.50.163.106:8080

162.214.27.219:7080

203.150.19.63:443

179.62.18.56:443

93.78.205.196:443

176.58.93.123:80

138.197.140.163:8080

181.113.229.139:990

201.244.125.210:995

186.10.16.244:53

83.169.33.157:8080

45.33.1.161:8080

186.117.174.26:80

186.93.167.147:443

148.240.52.172:80

rsa_pubkey.plain

Targets

- Target
  
  0ec4517f2ce8dc1685cd8ea3a2d6c17ed2b4fd90ee7461b03c0313b61f40c169
- Size
  
  474KB
- MD5
  
  c9afb54377f7916c283437a2c454b1f7
- SHA1
  
  b403c67faade94d1297475c73d1f237480cf2292
- SHA256
  
  0ec4517f2ce8dc1685cd8ea3a2d6c17ed2b4fd90ee7461b03c0313b61f40c169
- SHA512
  
  6d9a9bf0333d36016403bdedb2c3bc8246c6db595ced86c0d61f14d1875671c82ffc0cd869a5838cd8ea2c152c45df498bf6403a8f3b0a14dc7ab00790663075
- SSDEEP
  
  6144:weFrEMus74tW3HvPgADDnz/HXnr/vYito7LFDPMTJYhr64Fg0:1tEMus70im7LFPMdV4Fg0
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2