emotet

General

Target

NA_NA_4eff2c04f94814exeexe_JC.exe
Size

332KB
Sample

230724-skydzafb7v
MD5

4eff2c04f948147be9ba1ef19850c167
SHA1

91aaf80f54f1af618b6d14a9cb74956491d51d8e
SHA256

d6611bc728b2683910bf4a33a054b9ab3cf2d0df9cc1f9dd589c74d13f35f4d6
SHA512

68a71620de234be68e6296a259e562976a6fdca304e2e300f7469b1f78f78890aa2f34d2f71fb8040b2b116d1f955b2d97f4e7ccbee5255b517fd24ff00511bb
SSDEEP

6144:/gbwEkXhMbyt5VKJYcz/JubEMm79rNYmIWVoN:/gkVh8mVGYYMRsV

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

184.57.130.8:80

91.236.4.234:443

118.69.71.14:80

12.162.84.2:8080

59.120.5.154:80

80.11.158.65:8080

201.213.32.59:80

186.3.232.68:80

190.181.235.46:80

187.51.47.26:80

221.133.46.86:443

114.109.179.60:80

91.83.93.124:7080

185.94.252.27:443

149.62.173.247:8080

50.28.51.143:8080

172.104.169.32:8080

200.119.11.118:443

202.62.39.111:80

70.32.84.74:8080

rsa_pubkey.plain

Targets

- Target
  
  NA_NA_4eff2c04f94814exeexe_JC.exe
- Size
  
  332KB
- MD5
  
  4eff2c04f948147be9ba1ef19850c167
- SHA1
  
  91aaf80f54f1af618b6d14a9cb74956491d51d8e
- SHA256
  
  d6611bc728b2683910bf4a33a054b9ab3cf2d0df9cc1f9dd589c74d13f35f4d6
- SHA512
  
  68a71620de234be68e6296a259e562976a6fdca304e2e300f7469b1f78f78890aa2f34d2f71fb8040b2b116d1f955b2d97f4e7ccbee5255b517fd24ff00511bb
- SSDEEP
  
  6144:/gbwEkXhMbyt5VKJYcz/JubEMm79rNYmIWVoN:/gkVh8mVGYYMRsV
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2