emotet

General

Target

a3b1994e74fccd304cdcf8b3a4e45d5dc1d5dae3d3918252eb680a810b0a391a
Size

736KB
Sample

240226-1p9a2ahd9z
MD5

6ac90623e07f9557672f64dcfb05f62a
SHA1

3633ce1c2364226a1bad722c6b33f2f7b9e83f1c
SHA256

a3b1994e74fccd304cdcf8b3a4e45d5dc1d5dae3d3918252eb680a810b0a391a
SHA512

6de6b151058c6a04bf20ddb2f2b391677e34243e7b04904ff9b3b3804ef5e21cb9eca268af2442c1db337f774046e40ca16845871faba05167cc647a51826adc
SSDEEP

12288:DjN/Z2wkRrA9CRDCWElAjHDsndSyHOrNjEP0OuZfMAofD:dEHR+CR2yfsMyHOpVLZkAofD

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

139.180.205.161:443

209.15.236.39:8080

195.154.253.60:8080

217.182.143.207:443

209.126.98.206:8080

51.254.140.238:7080

81.0.236.90:443

131.100.24.231:80

119.235.255.201:8080

103.75.201.2:443

159.8.59.82:8080

207.38.84.195:8080

50.116.54.215:443

212.237.56.116:7080

107.182.225.142:8080

212.24.98.99:8080

31.24.158.56:8080

158.69.222.101:443

138.185.72.26:8080

203.114.109.124:443

eck1.plain

ecs1.plain

Targets

- Target
  
  a3b1994e74fccd304cdcf8b3a4e45d5dc1d5dae3d3918252eb680a810b0a391a
- Size
  
  736KB
- MD5
  
  6ac90623e07f9557672f64dcfb05f62a
- SHA1
  
  3633ce1c2364226a1bad722c6b33f2f7b9e83f1c
- SHA256
  
  a3b1994e74fccd304cdcf8b3a4e45d5dc1d5dae3d3918252eb680a810b0a391a
- SHA512
  
  6de6b151058c6a04bf20ddb2f2b391677e34243e7b04904ff9b3b3804ef5e21cb9eca268af2442c1db337f774046e40ca16845871faba05167cc647a51826adc
- SSDEEP
  
  12288:DjN/Z2wkRrA9CRDCWElAjHDsndSyHOrNjEP0OuZfMAofD:dEHR+CR2yfsMyHOpVLZkAofD
Score

10^/10

emotet epoch4 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2