emotet

General

Target

d39edf90e3b9643cfc51217365364b004cabaa170c07caa3432b7315aece0afd
Size

300KB
Sample

241120-2ctkgsvale
MD5

74724e87a9e6a70672bbb8afeba9fa92
SHA1

225c74de6ffaac6358b63c070d897b429a33745d
SHA256

d39edf90e3b9643cfc51217365364b004cabaa170c07caa3432b7315aece0afd
SHA512

5dd1207fdefc9988869b293f2ca6ee72e382636ee3fa359a99795e6d47d5a31a0d9d0f4118590637755fe5e9267ede8a3b2b3d587a5dc09714a38320c1d521cf
SSDEEP

6144:2BW3qfvKcJA6paL++acj5205qvVuV7gQtKETSUR:2U3qfzu6pKQcUOgXK

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

92.24.51.238:80

139.99.157.213:8080

188.166.25.84:8080

81.214.253.80:443

5.79.70.250:8080

41.185.29.128:8080

181.164.110.7:80

177.37.81.212:443

203.153.216.178:7080

178.33.167.120:8080

77.74.78.80:443

37.70.131.107:80

190.164.75.175:80

75.127.14.170:8080

78.188.170.128:80

113.161.148.81:80

105.209.235.113:8080

177.144.130.105:443

81.17.93.134:80

181.134.9.162:80

rsa_pubkey.plain

Targets

- Target
  
  d39edf90e3b9643cfc51217365364b004cabaa170c07caa3432b7315aece0afd
- Size
  
  300KB
- MD5
  
  74724e87a9e6a70672bbb8afeba9fa92
- SHA1
  
  225c74de6ffaac6358b63c070d897b429a33745d
- SHA256
  
  d39edf90e3b9643cfc51217365364b004cabaa170c07caa3432b7315aece0afd
- SHA512
  
  5dd1207fdefc9988869b293f2ca6ee72e382636ee3fa359a99795e6d47d5a31a0d9d0f4118590637755fe5e9267ede8a3b2b3d587a5dc09714a38320c1d521cf
- SSDEEP
  
  6144:2BW3qfvKcJA6paL++acj5205qvVuV7gQtKETSUR:2U3qfzu6pKQcUOgXK
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2