emotet

General

Target

ae35edfd0b9d7c789354020d3f98375f9d346d32e0e637b8c37ae8295227ff92
Size

392KB
Sample

241120-18g1wsthlc
MD5

92bafa2505f1f8a13e72fb0e2031725c
SHA1

247b87e97b462fd3f23330b61c467e881d9ac57b
SHA256

ae35edfd0b9d7c789354020d3f98375f9d346d32e0e637b8c37ae8295227ff92
SHA512

55a2625f77da38ca9bce80c3a89b1989cb30f1042cbd456f48db87ca300099efc9213dddc3ed80b5d7e2018f63745604258c9a4c5e0f8da3b5df29a64534533a
SSDEEP

6144:gsAXvtkXZjPfQ72jfw9LZ3fUIKonW1WAEgjrqVibiQ6OiW:gZftkJjXCU8Z3cfoIEqX6

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

73.116.193.136:80

185.94.252.13:443

149.62.173.247:8080

89.32.150.160:8080

185.94.252.12:80

77.90.136.129:8080

83.169.21.32:7080

104.236.161.64:8080

114.109.179.60:80

189.2.177.210:443

68.183.190.199:8080

144.139.91.187:443

185.94.252.27:443

190.181.235.46:80

82.196.15.205:8080

46.28.111.142:7080

181.167.96.215:80

202.62.39.111:80

219.92.13.25:80

191.99.160.58:80

rsa_pubkey.plain

Targets

- Target
  
  ae35edfd0b9d7c789354020d3f98375f9d346d32e0e637b8c37ae8295227ff92
- Size
  
  392KB
- MD5
  
  92bafa2505f1f8a13e72fb0e2031725c
- SHA1
  
  247b87e97b462fd3f23330b61c467e881d9ac57b
- SHA256
  
  ae35edfd0b9d7c789354020d3f98375f9d346d32e0e637b8c37ae8295227ff92
- SHA512
  
  55a2625f77da38ca9bce80c3a89b1989cb30f1042cbd456f48db87ca300099efc9213dddc3ed80b5d7e2018f63745604258c9a4c5e0f8da3b5df29a64534533a
- SSDEEP
  
  6144:gsAXvtkXZjPfQ72jfw9LZ3fUIKonW1WAEgjrqVibiQ6OiW:gZftkJjXCU8Z3cfoIEqX6
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2