emotet

General

Target

O1uPzXd2YscA.zip
Size

811KB
Sample

230322-kmkxnafg94
MD5

2f56a13efc346438a275f675f9cbe794
SHA1

bb50faf6091e39b9d8ba9048dae965bbdec2c4df
SHA256

437f0dce73d03e764e346dee98bb44c6111766897c2fd085c8c1c5457988818e
SHA512

b74793a378365f98fe4cdab8a3742fedbe3daf7c858ebb40f9a1d11fa93dbc881bf5f027e064444703d8fd068aa1b895d16629f7dfcba757ddc60ee9008df9d4
SSDEEP

6144:mA/fqQLsh2uoOObj+gmM424czDPECwRAc7cDA08yuMol3l:3/fqmm2sObC7ezET7vh73l

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

103.85.95.4:8080

103.224.241.74:8080

178.238.225.252:8080

37.59.103.148:8080

78.47.204.80:443

138.197.14.67:8080

128.199.242.164:8080

54.37.228.122:443

37.44.244.177:8080

139.59.80.108:8080

218.38.121.17:443

82.98.180.154:7080

114.79.130.68:443

159.65.135.222:7080

174.138.33.49:7080

195.77.239.39:8080

193.194.92.175:443

198.199.70.22:8080

85.214.67.203:8080

93.84.115.205:7080

ecs1.plain

eck1.plain

Targets

- Target
  
  nees2vpsDkD7vWD.dll
- Size
  
  504.5MB
- MD5
  
  c72fa03014714b23c88421313d6ae9cd
- SHA1
  
  a57f585828fdb9cfaeb45cc50c3b03de46f2cf41
- SHA256
  
  386ecbdf8fa5f4d26237e9f5787adb03911a3f2ad6d9b40f37c5a7af5f975770
- SHA512
  
  37cbe26db7c02a68418c74fbc7de800ca0c3facd659a7b69ed353dec6f3add23af346902ad573ddd52a53083f030846f785b2f3365b476d3cc35318cd8642efc
- SSDEEP
  
  12288:chQZR06Fy1F5YqSDZ9ma2aCStos1F3uD2Hescq2mc:jT08y1F5YqSDZ9ma21Str3cTX
Score

10^/10

emotet epoch5 banker trojan persistence
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Adds Run key to start application

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2