emotet

General

Target

6TYwBEsuS3j14dCM.zip
Size

157KB
Sample

240403-3bj54afh61
MD5

7847e07f22cb26cecc83dfea5f6ff91c
SHA1

73382439f3a2edcec6b264d87e3c2e893d8e887f
SHA256

6a391f2287a31da8391d6eba6f36eac2c35c86a9f3cc01e905bd986f48275fcc
SHA512

9a4a043ae5f7254ed0db74f9c6739490552764887586e4e17c398cd2e996b1a29af888785f7f1a90861e567fe63db23e76ae662229d3e62b3e01513b56badd3f
SSDEEP

3072:tTwcUWm0BqduJKRqAb8uciUSD7t+i8qgMnZsjLDiDb/PGYK7PHri5AEa+nhXSozz:tH9nqduJKRqA4Lmp+PqgMZJvI7zi5AdM

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

50.121.220.50:80

51.75.33.122:80

54.37.42.48:8080

91.121.54.71:8080

45.16.226.117:443

68.69.155.181:80

213.60.96.117:80

77.55.211.77:8080

152.169.22.67:80

110.142.219.51:80

2.47.112.152:80

206.15.68.237:443

217.13.106.14:8080

191.99.160.58:80

189.131.57.131:80

213.197.182.158:8080

94.176.234.118:443

61.92.159.208:8080

190.128.173.10:80

219.92.8.17:8080

rsa_pubkey.plain

Targets

- Target
  
  6TYwBEsuS3j14dCM.exe
- Size
  
  318KB
- MD5
  
  4a77d07c69aab90716bda7e5fdc02409
- SHA1
  
  d9bf0be971efc8136cdcb06c48ad59530de7d22c
- SHA256
  
  065e6e0ac102dda862b7f3301e0975be468877ae269779def89af5bcf4a6f605
- SHA512
  
  16fb7380682c7913c8fe69f3cb3ed76e08a7871a7bdf15d6fab334f3ab14c3ba26b8e5c505c4f18751ee2d5b48f7cddd5c28f9dd719a0f686d5894141fe64e20
- SSDEEP
  
  6144:9U39yixK0dkI6ukU1EqlhVLLiLLwLL5ZbgiUPbY:4rxRdbDHTC3P
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2