emotet

General

Target

1dff44baab7f30db4f54b1000f02928b5fdd4fe143fc0863676081c1b16f9a2c
Size

432KB
Sample

241120-2rkwwsvcrg
MD5

7bee45471566472625044fe983e5f01c
SHA1

4aa25fe09d9f4dd712f9aabd94d89083355a7cb2
SHA256

1dff44baab7f30db4f54b1000f02928b5fdd4fe143fc0863676081c1b16f9a2c
SHA512

941f7e4a6232afae965c6d9775a5e68dfd19bdc9cb9280d3ec1d7679cdcdc55736deb6f1001e65a8041f80b27f9a42eb066f6226abda4f1b67680f18c9795b11
SSDEEP

6144:jA6gbu5c8hoIaa5fuXiY1nBK6APiJDDr1kX4/E9Y:mbOc8zaag1ncp2Df1X/Ei

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

181.30.61.163:443

209.126.6.222:8080

5.153.250.14:8080

188.135.15.49:80

104.131.41.185:8080

178.250.54.208:8080

50.28.51.143:8080

170.81.48.2:80

87.106.46.107:8080

191.99.160.58:80

187.162.248.237:80

89.32.150.160:8080

46.28.111.142:7080

190.190.148.27:8080

190.115.18.139:8080

178.79.163.131:8080

73.213.208.163:80

219.92.8.17:8080

95.9.180.128:80

212.71.237.140:8080

rsa_pubkey.plain

Targets

- Target
  
  1dff44baab7f30db4f54b1000f02928b5fdd4fe143fc0863676081c1b16f9a2c
- Size
  
  432KB
- MD5
  
  7bee45471566472625044fe983e5f01c
- SHA1
  
  4aa25fe09d9f4dd712f9aabd94d89083355a7cb2
- SHA256
  
  1dff44baab7f30db4f54b1000f02928b5fdd4fe143fc0863676081c1b16f9a2c
- SHA512
  
  941f7e4a6232afae965c6d9775a5e68dfd19bdc9cb9280d3ec1d7679cdcdc55736deb6f1001e65a8041f80b27f9a42eb066f6226abda4f1b67680f18c9795b11
- SSDEEP
  
  6144:jA6gbu5c8hoIaa5fuXiY1nBK6APiJDDr1kX4/E9Y:mbOc8zaag1ncp2Df1X/Ei
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2