emotet

General

Target

9615124e014c0c83a19148ca85b719724aacfaec0692f027ed1b7a8d00ce6f82
Size

266KB
Sample

241120-2raqxswbmn
MD5

98e275f4da71dc42cf4381a7b97a0326
SHA1

7effc6a676ca9c1d0bb042cb123b22335481f170
SHA256

9615124e014c0c83a19148ca85b719724aacfaec0692f027ed1b7a8d00ce6f82
SHA512

ba3590b49a992221e4ac0e003b3bef7ddb4e676a10051027808f8f645fd6af9335bb93381e1c1370c8e0b9204fcd20fe2e44b9493dba5eaa6570ba121937929e
SSDEEP

6144:VknN2QU6/ptQkGDzYxjaB8xS4GA/mFCo9QNqbqD:KNZLhe0jSiS41CCo9QwqD

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

186.250.48.5:80

168.119.39.118:443

185.168.130.138:443

190.90.233.66:443

159.69.237.188:443

54.37.228.122:443

93.104.209.107:8080

185.148.168.15:8080

198.199.98.78:8080

87.106.97.83:7080

195.77.239.39:8080

37.44.244.177:8080

54.38.242.185:443

185.184.25.78:8080

116.124.128.206:8080

139.196.72.155:8080

128.199.192.135:8080

103.41.204.169:8080

78.47.204.80:443

68.183.93.250:443

eck1.plain

ecs1.plain

Targets

- Target
  
  e7ecaa1349e7f9f1d094fb6ef3ebafe62fecb60d3e6560b9fff0e8856f8aaf25
- Size
  
  412KB
- MD5
  
  d81d700e2c584c4ca50a89fbc445c55e
- SHA1
  
  af2790770890d5cef58c44c3ced8deb858002347
- SHA256
  
  e7ecaa1349e7f9f1d094fb6ef3ebafe62fecb60d3e6560b9fff0e8856f8aaf25
- SHA512
  
  de046938bbb899d26282fbdc59483842e36f486bc55a1db85306e79de7edbf5cd5d04ca9437d1a4dfe9649891e56020c1fac89760b467d2f46fea9a2ec6063b5
- SSDEEP
  
  6144:aH0RW81UplEIb6hRAOf6DXyhCra8yCtS08OB8xS4GE/mFCo3QkgqbqAT:tFpMOfeihCraXuiS4zCCo3QkvqA
Score

10^/10

emotet epoch5 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2