emotet

General

Target

3e5673ca1c55f09dc0c68462c2262ff8d777bcbdc6124af5fa9fbc08118282d7
Size

345KB
Sample

230129-zyb68aed2s
MD5

804ef261ba069322ad811af845b91ca8
SHA1

11baa44357a5b389038d8050cbfc289621175bc3
SHA256

3e5673ca1c55f09dc0c68462c2262ff8d777bcbdc6124af5fa9fbc08118282d7
SHA512

a7a9d1960280079813c8bebbb0b9b647ef5c5d590dfeb9b67747033a73c1685401e17212908b0e1068c479d490de328f091eb9fc7dac751434bfa2b48fa2f1b8
SSDEEP

6144:dEkfZo/eEoJa5TUdvUOIDZgAh/uwsEUyxq0wHfN3je/586763EApVAQHBuBNmOd6:dEkm/DoJlUOIDGAhoBF3Tpn

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

116.203.117.76:80

108.166.188.146:7080

216.154.222.52:7080

83.169.33.157:8080

5.189.148.98:8080

178.249.187.150:7080

41.60.202.26:22

181.231.62.54:80

201.196.15.79:990

181.55.171.237:8080

201.244.125.210:995

181.230.126.152:8090

80.227.67.18:20

51.38.134.203:8080

143.95.101.72:8080

94.177.253.126:80

181.97.70.132:8080

203.99.182.135:443

190.13.146.47:443

113.52.135.33:7080

rsa_pubkey.plain

Targets

- Target
  
  3e5673ca1c55f09dc0c68462c2262ff8d777bcbdc6124af5fa9fbc08118282d7
- Size
  
  345KB
- MD5
  
  804ef261ba069322ad811af845b91ca8
- SHA1
  
  11baa44357a5b389038d8050cbfc289621175bc3
- SHA256
  
  3e5673ca1c55f09dc0c68462c2262ff8d777bcbdc6124af5fa9fbc08118282d7
- SHA512
  
  a7a9d1960280079813c8bebbb0b9b647ef5c5d590dfeb9b67747033a73c1685401e17212908b0e1068c479d490de328f091eb9fc7dac751434bfa2b48fa2f1b8
- SSDEEP
  
  6144:dEkfZo/eEoJa5TUdvUOIDZgAh/uwsEUyxq0wHfN3je/586763EApVAQHBuBNmOd6:dEkm/DoJlUOIDGAhoBF3Tpn
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2