emotet

General

Target

00833eb255055f2c10fbf336e8245501214e09a976b2c85a72476ee015ac5316
Size

412KB
Sample

241120-1fmexatcrd
MD5

9c7a26c20a14e2669735606c47a114e3
SHA1

85ae735aae72a24b353ca07b9e349edd5a7f6167
SHA256

00833eb255055f2c10fbf336e8245501214e09a976b2c85a72476ee015ac5316
SHA512

d9bce93f29cefc66e512998960f93b03b087888ae1b8311ff04f0b4420b19e68ae530cba729c65b0a0448f3f620d9f5f78e71dfdb251bc8f69cc1d0d584d27ae
SSDEEP

6144:xLl7XgCt3z4QktK8zm+pTf3l6Kn2ocEKya5VRCE5KjazSvs4U4FWANhqT8Argj:3bgCOvt9zmuf52ocL5qE8aOvZFQ4RA

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

144.76.186.49:8080

160.16.102.168:80

58.227.42.236:80

158.69.222.101:443

129.232.188.93:443

207.38.84.195:8080

192.254.71.210:443

185.157.82.211:8080

81.0.236.90:443

212.237.17.99:8080

46.55.222.11:443

164.68.99.3:8080

217.182.143.207:443

195.154.133.20:443

216.158.226.206:443

212.237.5.209:443

110.232.117.186:8080

51.15.4.22:443

45.118.115.99:8080

51.38.71.0:443

eck1.plain

ecs1.plain

Targets

- Target
  
  00833eb255055f2c10fbf336e8245501214e09a976b2c85a72476ee015ac5316
- Size
  
  412KB
- MD5
  
  9c7a26c20a14e2669735606c47a114e3
- SHA1
  
  85ae735aae72a24b353ca07b9e349edd5a7f6167
- SHA256
  
  00833eb255055f2c10fbf336e8245501214e09a976b2c85a72476ee015ac5316
- SHA512
  
  d9bce93f29cefc66e512998960f93b03b087888ae1b8311ff04f0b4420b19e68ae530cba729c65b0a0448f3f620d9f5f78e71dfdb251bc8f69cc1d0d584d27ae
- SSDEEP
  
  6144:xLl7XgCt3z4QktK8zm+pTf3l6Kn2ocEKya5VRCE5KjazSvs4U4FWANhqT8Argj:3bgCOvt9zmuf52ocL5qE8aOvZFQ4RA
Score

10^/10

emotet epoch4 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2