emotet

General

Target

d0f2cbbbbc263512a833253d8aac735af7efd92be2336b088e8a062f23aa2ece
Size

290KB
Sample

241120-2m9dpazkan
MD5

5fbb74a92b677de1c5b7c275c40b54f7
SHA1

e5b4aec9134d56a4582de1162372f684321b53bc
SHA256

d0f2cbbbbc263512a833253d8aac735af7efd92be2336b088e8a062f23aa2ece
SHA512

614277b4b6a8cd1d6dee2c852ca94dca299c99836e96eb8edd1365c04e0728b63cd9504b95824808c97b64f7f750141c81afab3ab9c3ce442f5fa9b76170f293
SSDEEP

6144:sTdeu+kOzCexrQVHDMKgVnyJmMeJHv+MOdxVz5E4F+3HsK13r7uDBhm0:sTckqcHDMvJP+MExFI70DBf

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

131.100.24.231:80

103.132.242.26:8080

167.172.253.162:8080

149.56.131.28:8080

209.126.98.206:8080

188.44.20.25:443

212.237.17.99:8080

129.232.188.93:443

160.16.142.56:8080

46.55.222.11:443

1.234.2.232:8080

45.235.8.30:8080

185.157.82.211:8080

158.69.222.101:443

185.4.135.165:8080

27.54.89.58:8080

197.242.150.244:8080

153.126.146.25:7080

183.111.227.137:8080

103.75.201.2:443

ecs1.plain

eck1.plain

Targets

- Target
  
  e26c8c876f5e3b4f850380ff581b551952d21a499693d0966fff205f0ca2f71b
- Size
  
  532KB
- MD5
  
  aa0fd42e7705effed0de2468a43b85b0
- SHA1
  
  b442f50eb162eaf7af6272273e91effbd954abcd
- SHA256
  
  e26c8c876f5e3b4f850380ff581b551952d21a499693d0966fff205f0ca2f71b
- SHA512
  
  1a012c6a5ab755193ee1154735302886c9b2f5f62afb2f31f84fd1c8c0fdcfe6e2df4a43d947c99714ad9f1226a9714304f6a9f6c153c5748bb31d380ff80ee1
- SSDEEP
  
  12288:B4UJY9B+TenWsSEPHjMOUP9uXdt7JpfYNVr9RM54RutCTdJGqIoTCZ4eEsZsHxHy:B4UJY9BSenZSEPHjMOUP9Udt7JpfYNVM
Score

10^/10

emotet epoch4 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2