emotet

General

Target

f10052e10c319749ccd6aead272df3e831e4d4224a32ac589e1a577db38e2b70.exe
Size

468KB
Sample

240821-c2x7jawdjd
MD5

07a65d20c622c4da0027e6d1069903f3
SHA1

1f3fba680895890258bacf136afc9db655a53571
SHA256

f10052e10c319749ccd6aead272df3e831e4d4224a32ac589e1a577db38e2b70
SHA512

57a06638b238d8ae1d98ae36dbac7b2dc7514c638a3ead044eb5472e4e03d72c8b040e59ce69bbb5d301db4bf9bc6b23a9820237c716d1b7558317ddc08623dc
SSDEEP

6144:IE0ezoT0WbqYeQ52w5SSsy9MFjafSRGDumAjVJ7xn+feugnxO44D0Ecf7y:N0VT0vYH52wPd0jz0q9jX7x+fL2ObDiy

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

24.105.202.216:443

24.94.237.248:80

76.164.99.46:80

108.61.99.179:8080

165.227.156.155:443

159.69.89.130:8080

167.99.105.223:7080

87.230.19.21:8080

91.73.197.90:80

210.6.85.121:80

47.156.70.145:80

197.254.221.174:80

58.171.42.66:8080

66.34.201.20:7080

2.38.99.79:80

95.128.43.213:8080

190.12.119.180:443

67.225.179.64:8080

165.228.24.197:80

121.88.5.176:443

rsa_pubkey.plain

Targets

- Target
  
  f10052e10c319749ccd6aead272df3e831e4d4224a32ac589e1a577db38e2b70.exe
- Size
  
  468KB
- MD5
  
  07a65d20c622c4da0027e6d1069903f3
- SHA1
  
  1f3fba680895890258bacf136afc9db655a53571
- SHA256
  
  f10052e10c319749ccd6aead272df3e831e4d4224a32ac589e1a577db38e2b70
- SHA512
  
  57a06638b238d8ae1d98ae36dbac7b2dc7514c638a3ead044eb5472e4e03d72c8b040e59ce69bbb5d301db4bf9bc6b23a9820237c716d1b7558317ddc08623dc
- SSDEEP
  
  6144:IE0ezoT0WbqYeQ52w5SSsy9MFjafSRGDumAjVJ7xn+feugnxO44D0Ecf7y:N0VT0vYH52wPd0jz0q9jX7x+fL2ObDiy
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2