emotet

General

Target

59975f13479b7770ec94f72857c8f9a32b09a3724f10af3f46e3fb9159686cde
Size

220KB
Sample

240901-2evkkatdkj
MD5

0d3b468c1426b48dd5c2b138a6e4da0d
SHA1

de00aa1ebdc60612c1db92fef871bb7f7437f6b7
SHA256

59975f13479b7770ec94f72857c8f9a32b09a3724f10af3f46e3fb9159686cde
SHA512

65999f431f702aafd2545421040de2e9d94d8c1ed0cd16e35e725473f01149eb65b812ee7935f17e326dd08d36f8bafaee34f8305e85cefac317a0022aade531
SSDEEP

6144:SZOAKKIiawQSu3IF9UtNRW9l1QAVzEAvv2OqgnRqHa4qASbGGe23p5WD:SRIiawQSu3IF9UtNRW9l1QAVzEU+OpnQ

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

45.16.226.117:443

104.131.92.244:8080

70.39.251.94:8080

87.230.25.43:8080

186.189.249.2:80

209.236.123.42:8080

5.196.35.138:7080

45.33.77.42:8080

46.43.2.95:8080

24.135.69.146:80

103.236.179.162:80

190.92.122.226:80

201.71.228.86:80

68.183.170.114:8080

183.176.82.231:80

168.197.45.36:80

152.169.22.67:80

111.67.12.221:8080

51.75.33.127:80

186.70.127.199:8090

rsa_pubkey.plain

Targets

- Target
  
  59975f13479b7770ec94f72857c8f9a32b09a3724f10af3f46e3fb9159686cde
- Size
  
  220KB
- MD5
  
  0d3b468c1426b48dd5c2b138a6e4da0d
- SHA1
  
  de00aa1ebdc60612c1db92fef871bb7f7437f6b7
- SHA256
  
  59975f13479b7770ec94f72857c8f9a32b09a3724f10af3f46e3fb9159686cde
- SHA512
  
  65999f431f702aafd2545421040de2e9d94d8c1ed0cd16e35e725473f01149eb65b812ee7935f17e326dd08d36f8bafaee34f8305e85cefac317a0022aade531
- SSDEEP
  
  6144:SZOAKKIiawQSu3IF9UtNRW9l1QAVzEAvv2OqgnRqHa4qASbGGe23p5WD:SRIiawQSu3IF9UtNRW9l1QAVzEU+OpnQ
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2