emotet

General

Target

176460901353bc2512c24a92761df03bae9dacb4120730e14f915b23c147348b
Size

468KB
Sample

241120-1scq8syndn
MD5

35059743cbe9e12ae2d314ccd0a457d5
SHA1

2ba14b0d8d4891cd599111eb3c78fbdb722621b9
SHA256

176460901353bc2512c24a92761df03bae9dacb4120730e14f915b23c147348b
SHA512

9afcf814480fd93c50ff355242ed90c984c28fc876622ea9e5467354aaa08374cbe7f8eb3dbceed2509cc8d52e6c2028d5a4719613f05490a1295df6ece087ac
SSDEEP

6144:vg5alZHCNqClhpALe+/LyK7AF0fY7S2KWCHLNQ:45KCNqQ2a6b7NY7pKxC

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

95.9.180.128:80

87.98.218.33:7080

192.187.99.90:8080

190.181.235.46:80

181.129.96.162:8080

172.104.169.32:8080

24.148.98.177:80

202.62.39.111:80

192.241.143.52:8080

51.255.165.160:8080

116.125.120.88:443

89.32.150.160:8080

209.236.123.42:8080

178.79.163.131:8080

191.182.6.118:80

177.66.190.130:80

87.106.46.107:8080

217.199.160.224:7080

66.228.49.173:8080

94.176.234.118:443

rsa_pubkey.plain

Targets

- Target
  
  176460901353bc2512c24a92761df03bae9dacb4120730e14f915b23c147348b
- Size
  
  468KB
- MD5
  
  35059743cbe9e12ae2d314ccd0a457d5
- SHA1
  
  2ba14b0d8d4891cd599111eb3c78fbdb722621b9
- SHA256
  
  176460901353bc2512c24a92761df03bae9dacb4120730e14f915b23c147348b
- SHA512
  
  9afcf814480fd93c50ff355242ed90c984c28fc876622ea9e5467354aaa08374cbe7f8eb3dbceed2509cc8d52e6c2028d5a4719613f05490a1295df6ece087ac
- SSDEEP
  
  6144:vg5alZHCNqClhpALe+/LyK7AF0fY7S2KWCHLNQ:45KCNqQ2a6b7NY7pKxC
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2