emotet

General

Target

40283a2ff9bddc71f173c67cda28431bba91c7fe0dbb2fa5f00e0d7f7bedfdea
Size

96KB
Sample

241120-14sxlavjgt
MD5

73ab4d46755f5be5127fa696f2c0e3e5
SHA1

16510cc2b4accbcc0c4a0b8163ed67625f18b0cf
SHA256

40283a2ff9bddc71f173c67cda28431bba91c7fe0dbb2fa5f00e0d7f7bedfdea
SHA512

875f960825f6a0eb01c10890da506d129221b4697b60940737ae42c8743f21490c65e2f48bdb3e2b95e7b906eec83fbb2355febc13c5f5ce1c8e22ecfedc9bc2
SSDEEP

1536:LNfzLL1/0Pzf3x0K8RqjeygS93gQD/zWpQzN82Ap:LNLLL1/0Pzf3tljV3Prypq8P

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

176.216.226.44:80

159.203.232.29:8080

185.86.148.68:443

87.106.231.60:8080

113.161.148.81:80

78.189.60.109:443

192.163.221.191:8080

31.146.61.34:80

37.70.131.107:80

153.220.182.49:80

177.144.130.105:443

181.167.35.84:80

202.5.47.71:80

192.241.220.183:8080

78.188.170.128:80

182.176.95.147:80

87.252.100.28:80

115.78.11.155:80

212.156.133.218:80

203.153.216.178:7080

rsa_pubkey.plain

Targets

- Target
  
  40283a2ff9bddc71f173c67cda28431bba91c7fe0dbb2fa5f00e0d7f7bedfdea
- Size
  
  96KB
- MD5
  
  73ab4d46755f5be5127fa696f2c0e3e5
- SHA1
  
  16510cc2b4accbcc0c4a0b8163ed67625f18b0cf
- SHA256
  
  40283a2ff9bddc71f173c67cda28431bba91c7fe0dbb2fa5f00e0d7f7bedfdea
- SHA512
  
  875f960825f6a0eb01c10890da506d129221b4697b60940737ae42c8743f21490c65e2f48bdb3e2b95e7b906eec83fbb2355febc13c5f5ce1c8e22ecfedc9bc2
- SSDEEP
  
  1536:LNfzLL1/0Pzf3x0K8RqjeygS93gQD/zWpQzN82Ap:LNLLL1/0Pzf3tljV3Prypq8P
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2