emotet

General

Target

33f872a3f116e57a5dbb34da777f3d204084afb84bacc2781435eebeb3ed2fd3
Size

176KB
Sample

241120-17lmpathka
MD5

7823c8990306dec0030bba8219053f78
SHA1

090b3bbbe8e782b4a07593c3793773cc808604dc
SHA256

33f872a3f116e57a5dbb34da777f3d204084afb84bacc2781435eebeb3ed2fd3
SHA512

95944c65cbd6d1fdd75f7d028a49bfaf4cf59d2908f611fcbf6e82d2fad84ac7bd9bebc7220d89c8526b1e9ff201bcd08744467f8414d48f1ecc5d2032cd8eb8
SSDEEP

1536:8RucTgvK09KDbheJJowUQLweYYpEuEX/PokElw7wyBTgT/Ac:8vgCLheJJowPkeYoEuEPLJwYTgAc

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

65.36.62.20:80

209.126.6.222:8080

5.153.250.14:8080

204.225.249.100:7080

77.90.136.129:8080

185.94.252.27:443

85.105.140.135:443

83.169.21.32:7080

190.190.148.27:8080

185.94.252.12:80

116.125.120.88:443

190.115.18.139:8080

61.92.159.208:8080

24.148.98.177:80

212.93.117.170:80

91.219.169.180:80

73.116.193.136:80

87.106.46.107:8080

187.162.248.237:80

70.32.115.157:8080

rsa_pubkey.plain

Targets

- Target
  
  33f872a3f116e57a5dbb34da777f3d204084afb84bacc2781435eebeb3ed2fd3
- Size
  
  176KB
- MD5
  
  7823c8990306dec0030bba8219053f78
- SHA1
  
  090b3bbbe8e782b4a07593c3793773cc808604dc
- SHA256
  
  33f872a3f116e57a5dbb34da777f3d204084afb84bacc2781435eebeb3ed2fd3
- SHA512
  
  95944c65cbd6d1fdd75f7d028a49bfaf4cf59d2908f611fcbf6e82d2fad84ac7bd9bebc7220d89c8526b1e9ff201bcd08744467f8414d48f1ecc5d2032cd8eb8
- SSDEEP
  
  1536:8RucTgvK09KDbheJJowUQLweYYpEuEX/PokElw7wyBTgT/Ac:8vgCLheJJowPkeYoEuEPLJwYTgAc
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2