emotet

General

Target

eba98abe00f0a411e6736cf916d05c70
Size

572KB
Sample

231222-tn5g5aghe9
MD5

eba98abe00f0a411e6736cf916d05c70
SHA1

fba38ef52ce7f582ffa8582dafc7517b310c396b
SHA256

7c017123bdcb32ece3624c846e7262f9b9cd04ce4e8608e5f3d02448ea9c1bbc
SHA512

1df1c131751fb709778c61e3de005ea295661fbf9556ff0c90659fdba62b129c7b758bc7fea14e3705c178fbe9641f8ac5ce7fb56eae43533dde11d2e5db4cc7
SSDEEP

6144:hLOYXpa/ummNl/C5lXS/U6zJjSOd77yPZ5qxSorTCQ2z07517k0bbS9ZuXCBnS91:h6ummjiX6B+PZC+OByZJS9rVFN

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

2.38.99.79:80

98.24.231.64:80

47.156.70.145:80

37.59.24.177:8080

66.34.201.20:7080

108.179.206.219:8080

45.56.88.91:443

206.189.112.148:8080

120.150.246.241:80

190.56.255.118:80

200.71.148.138:8080

192.241.255.77:8080

211.63.71.72:8080

190.53.135.159:21

183.102.238.69:465

108.191.2.72:80

107.170.24.125:8080

167.114.242.226:8080

91.73.197.90:80

178.209.71.63:8080

rsa_pubkey.plain

Targets

- Target
  
  eba98abe00f0a411e6736cf916d05c70
- Size
  
  572KB
- MD5
  
  eba98abe00f0a411e6736cf916d05c70
- SHA1
  
  fba38ef52ce7f582ffa8582dafc7517b310c396b
- SHA256
  
  7c017123bdcb32ece3624c846e7262f9b9cd04ce4e8608e5f3d02448ea9c1bbc
- SHA512
  
  1df1c131751fb709778c61e3de005ea295661fbf9556ff0c90659fdba62b129c7b758bc7fea14e3705c178fbe9641f8ac5ce7fb56eae43533dde11d2e5db4cc7
- SSDEEP
  
  6144:hLOYXpa/ummNl/C5lXS/U6zJjSOd77yPZ5qxSorTCQ2z07517k0bbS9ZuXCBnS91:h6ummjiX6B+PZC+OByZJS9rVFN
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2