emotet

General

Target

92e7d8ac504e77241d607c661618dcaa79c92e4921740d23bb40317c114315c5.zip
Size

321KB
Sample

230208-lxwbtahe6t
MD5

1a896c3a634982694b4584893be5649d
SHA1

9bd89bc80ea849137c953cec38954772eb37f0b2
SHA256

76ca83e68e90873110f61322c2c5ce488a653fddf9472236e2ceba22b3daaa62
SHA512

f708da8ccdadf2f55b480c039957eaffe5863356251766bf5b65569c1d1d9a9f922c5a3803633b85b55ca58522b567f42accc364f2d9c231da8955e9d4608b1d
SSDEEP

6144:Pk5XzlsN/JDseGYTybkpzWCY5SU3O0uMeXN/rrsoMYsghw:s5DlsFJDkzbkpK5SgO02N1hw

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

80.211.107.116:8080

188.166.229.148:443

121.78.112.42:8080

185.148.168.15:8080

210.57.209.142:8080

194.9.172.107:8080

139.196.72.155:8080

128.199.192.135:8080

62.171.178.147:8080

103.133.214.242:8080

104.131.62.48:8080

103.41.204.169:8080

54.37.106.167:8080

217.182.143.207:443

185.148.168.220:8080

202.134.4.210:7080

198.199.98.78:8080

5.56.132.177:8080

66.42.57.149:443

78.46.73.125:443

eck1.plain

ecs1.plain

Targets

- Target
  
  92e7d8ac504e77241d607c661618dcaa79c92e4921740d23bb40317c114315c5.dll
- Size
  
  567KB
- MD5
  
  e4ee8289e8e2c6cb77037a609ce1d22b
- SHA1
  
  7c18d6bc232b8a12bd2bb05269b4edee369bfcec
- SHA256
  
  92e7d8ac504e77241d607c661618dcaa79c92e4921740d23bb40317c114315c5
- SHA512
  
  31470edd48a2ab1d7c6bddef382d9fc94ca89374964da54521570f64fccc5ef8a0c2e6e9b9c12a49073d88e453624e66d65b031ca85cbff4f1eab6f4edef0fdd
- SSDEEP
  
  12288:S54yM33d3q3Z7BogcreNmF+U/9JckIAGfUeb:SKh3831Bo+N6+ADckbeb
Score

10^/10

emotet epoch5 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2