emotet

General

Target

nzFEDLQZyoE02rS.zip
Size

837KB
Sample

230630-phjagsaf59
MD5

360a77e9254ba56e0923b4bc96d1c4d9
SHA1

6d09cd82523b1c6ac21a241e462054cbe3d06e1f
SHA256

c1394817737f562d0fd1ccdf821ad6e3911b083ecc4562469b61b65e9098110f
SHA512

7dc7ab7114c1e96aca92bb44615d1db6c6214f35f665274d41a649b8ffb68aac1a0513a3a918d41960fea77413a2ac6a99e3d160124fa5c5ea659f5bde148ea8
SSDEEP

6144:yA+HlxM4U/+s5isAAkdeLK4NKIXldcN8izcxqNf1fpCRBsyXe:k3W/+s5i8m48I1dcN8isWR0m

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

164.68.99.3:8080

164.90.222.65:443

186.194.240.217:443

1.234.2.232:8080

103.75.201.2:443

187.63.160.88:80

147.139.166.154:8080

91.207.28.33:8080

5.135.159.50:443

153.92.5.27:8080

213.239.212.5:443

103.43.75.120:443

159.65.88.10:8080

167.172.253.162:8080

153.126.146.25:7080

119.59.103.152:8080

107.170.39.149:8080

183.111.227.137:8080

159.89.202.34:443

110.232.117.186:8080

eck1.plain

ecs1.plain

Targets

- Target
  
  DiOmv2EReGl5rMf.dll
- Size
  
  543.5MB
- MD5
  
  c6f9fc739ab38169fd46f83360d1d49f
- SHA1
  
  8d31e6f8b9c16dde5f3e683f97c25cde949b9cbe
- SHA256
  
  282aa0a1adf3291b3cfec636383682f91135e6a4ac94c49cb9ffb9145c96b992
- SHA512
  
  fb3c3012e949c2cc97cec03b7021e88955b3c34f854df96e555789b5f0a4195cb3fbe9f92e83703ff7dd06e57609ce4d4c6693196fadaeb498ae3f18226fb8f8
- SSDEEP
  
  6144:ZS+strpYZOLnN6zBiWmLcipbxTV5bEgWrhTmi3ve2vof2PPMIf39yeuLcLwdi:ZbapYTiDcidxTJUdpe2vofQMIfUb
Score

10^/10

emotet epoch4 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2