emotet

General

Target

b8ee2d6a048dceeb33028546e76c28b0075946b10762b1554fb3a85a3ec21f91
Size

700KB
Sample

241120-2k589avmf1
MD5

843504ebb017aa60b9bfc8a38b9b08a1
SHA1

09f4e3bf45e0f76906a00e5fac06a7c98c88c430
SHA256

b8ee2d6a048dceeb33028546e76c28b0075946b10762b1554fb3a85a3ec21f91
SHA512

6e0afabfbc96a594cd877d7953135356f54912f5c58db446f78e5566606f9d390e45db297d90376da05ec551981beface661ca585b355c8fc4efda8e961efcf4
SSDEEP

12288:BBVbS8WpG2pxlqnBc2dtqvgqDtpGCoLpwT62qX+cs4c0:bJSjtpxlmNdtjqRpJV6/X+6p

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

98.178.241.106:80

190.171.153.139:80

179.5.118.12:8080

45.79.75.232:8080

124.150.175.133:80

164.68.115.146:8080

5.189.148.98:8080

46.105.128.215:8080

67.254.196.78:443

95.216.207.86:7080

181.46.176.38:80

98.15.140.226:80

217.12.70.226:80

115.179.91.58:80

41.190.148.90:80

162.144.46.90:8080

211.218.105.101:80

212.129.14.27:8080

120.51.83.89:443

200.41.121.69:443

rsa_pubkey.plain

Targets

- Target
  
  b8ee2d6a048dceeb33028546e76c28b0075946b10762b1554fb3a85a3ec21f91
- Size
  
  700KB
- MD5
  
  843504ebb017aa60b9bfc8a38b9b08a1
- SHA1
  
  09f4e3bf45e0f76906a00e5fac06a7c98c88c430
- SHA256
  
  b8ee2d6a048dceeb33028546e76c28b0075946b10762b1554fb3a85a3ec21f91
- SHA512
  
  6e0afabfbc96a594cd877d7953135356f54912f5c58db446f78e5566606f9d390e45db297d90376da05ec551981beface661ca585b355c8fc4efda8e961efcf4
- SSDEEP
  
  12288:BBVbS8WpG2pxlqnBc2dtqvgqDtpGCoLpwT62qX+cs4c0:bJSjtpxlmNdtjqRpJV6/X+6p
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2