emotet

General

Target

NA_NA_5fd0a719d83ec3exeexe_JC.exe
Size

383KB
Sample

230724-v1y2jsfh97
MD5

5fd0a719d83ec307f8fa6567c656a051
SHA1

5c3cceedfe6f5762055977616b04ca1edfb7a917
SHA256

8c8812249bfd22607788d61e3833605e09a4324e1e3e3ce20b331ebd0d43c115
SHA512

3bc68a408707e34fd0bf01f21e921284e00525af781a5587218105ff4f415f7688907efeeb5687dd5662d101d0207901d4164d91879f278763eb39c3b77ee95b
SSDEEP

6144:lU4aZS6HFyejN0t1RuveNVuojLf4Opb76Hb2anlV1aXsOiHe+IWVoN:lHuN0rR1n/wOpb7DQusFV

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

184.57.130.8:80

91.236.4.234:443

118.69.71.14:80

12.162.84.2:8080

59.120.5.154:80

80.11.158.65:8080

201.213.32.59:80

186.3.232.68:80

190.181.235.46:80

187.51.47.26:80

221.133.46.86:443

114.109.179.60:80

91.83.93.124:7080

185.94.252.27:443

149.62.173.247:8080

50.28.51.143:8080

172.104.169.32:8080

200.119.11.118:443

202.62.39.111:80

70.32.84.74:8080

rsa_pubkey.plain

Targets

- Target
  
  NA_NA_5fd0a719d83ec3exeexe_JC.exe
- Size
  
  383KB
- MD5
  
  5fd0a719d83ec307f8fa6567c656a051
- SHA1
  
  5c3cceedfe6f5762055977616b04ca1edfb7a917
- SHA256
  
  8c8812249bfd22607788d61e3833605e09a4324e1e3e3ce20b331ebd0d43c115
- SHA512
  
  3bc68a408707e34fd0bf01f21e921284e00525af781a5587218105ff4f415f7688907efeeb5687dd5662d101d0207901d4164d91879f278763eb39c3b77ee95b
- SSDEEP
  
  6144:lU4aZS6HFyejN0t1RuveNVuojLf4Opb76Hb2anlV1aXsOiHe+IWVoN:lHuN0rR1n/wOpb7DQusFV
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2