emotet

General

Target

ca9c9ec4e64720129e47b41b7c1928f7285cb674ba8bab0ad2e1ac410ecf62bd
Size

277KB
Sample

241120-1m1acavcqq
MD5

85ef23190614c85e891ca3b2441f0df4
SHA1

7fc8d2f770412e6ff30a7c1e25e0865963ff0608
SHA256

ca9c9ec4e64720129e47b41b7c1928f7285cb674ba8bab0ad2e1ac410ecf62bd
SHA512

d0970ce49ab1b23d22e5f5df3a724bf48e8b2bdf00d064471f4138c4b7febf26e7868804185231b017fd1b6c3ea2304299202a3fe436fec5f807dd200c773842
SSDEEP

6144:YAgt4nai4+EIF5J1TH/31hzXKUKuX7uKqJViVrAlXxThVD:Yvt4nagvLtH/FD7KJViCZL

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

198.199.126.144:443

103.42.57.17:8080

195.154.146.35:443

104.131.62.48:8080

116.124.128.206:8080

54.38.242.185:443

217.182.143.207:443

66.42.57.149:443

185.148.168.220:8080

37.44.244.177:8080

78.47.204.80:443

173.203.78.138:443

190.90.233.66:443

203.153.216.46:443

54.37.106.167:8080

194.9.172.107:8080

168.197.250.14:80

185.184.25.78:8080

191.252.103.16:80

159.69.237.188:443

eck1.plain

ecs1.plain

Targets

- Target
  
  3e9a5222a5d0a5fef1764486cdccb662d9b27a57760d9b9d6e120102c3eefb44
- Size
  
  465KB
- MD5
  
  a07cae2579cbdcf68cba02d561a7a0dd
- SHA1
  
  979e046e58e8eb4343a556424eebe8207c35c6cd
- SHA256
  
  3e9a5222a5d0a5fef1764486cdccb662d9b27a57760d9b9d6e120102c3eefb44
- SHA512
  
  afd34276af421cd0ab1823e7b7eea84647215d9bf4a06e40ec0ee2c9b9674d153233fc468e320e771f7f2caf7be9393394d170e4a264585c3ef9fb805a85eaa5
- SSDEEP
  
  6144:FhJpSkmTCOtf4y9sG2iRHJ73V2T8KUKuX7WKqrViVrATdD:S3TCOtfFhRh76rViC1
Score

10^/10

emotet epoch5 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2