emotet

General

Target

cfe37301bd6267def3d3e1eea823a38280910268fc4d13c0a637e5add7efaec0
Size

372KB
Sample

241120-2tatpsvdkh
MD5

617f0ad055408a87114e6e2ece893bc5
SHA1

f9d6be43daec0714d8306a818b7a57a7d64d4555
SHA256

cfe37301bd6267def3d3e1eea823a38280910268fc4d13c0a637e5add7efaec0
SHA512

c93b6b352ef095e60f7a6f18ba2064a56283904a1a3971f7c097222017f25d6afd52fb348c52c06ea7e86e0580106e5baed11974d5ecb9bbb64e72f2e70a7928
SSDEEP

6144:oqpqdUS0u6jJ6KfkWdjCuv4ZVmeg755iLNVfhR7tsiQ6OiW:oqp8US0HFXfRBDmLNVfhm6

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

73.116.193.136:80

185.94.252.13:443

149.62.173.247:8080

89.32.150.160:8080

185.94.252.12:80

77.90.136.129:8080

83.169.21.32:7080

104.236.161.64:8080

114.109.179.60:80

189.2.177.210:443

68.183.190.199:8080

144.139.91.187:443

185.94.252.27:443

190.181.235.46:80

82.196.15.205:8080

46.28.111.142:7080

181.167.96.215:80

202.62.39.111:80

219.92.13.25:80

191.99.160.58:80

rsa_pubkey.plain

Targets

- Target
  
  cfe37301bd6267def3d3e1eea823a38280910268fc4d13c0a637e5add7efaec0
- Size
  
  372KB
- MD5
  
  617f0ad055408a87114e6e2ece893bc5
- SHA1
  
  f9d6be43daec0714d8306a818b7a57a7d64d4555
- SHA256
  
  cfe37301bd6267def3d3e1eea823a38280910268fc4d13c0a637e5add7efaec0
- SHA512
  
  c93b6b352ef095e60f7a6f18ba2064a56283904a1a3971f7c097222017f25d6afd52fb348c52c06ea7e86e0580106e5baed11974d5ecb9bbb64e72f2e70a7928
- SSDEEP
  
  6144:oqpqdUS0u6jJ6KfkWdjCuv4ZVmeg755iLNVfhR7tsiQ6OiW:oqp8US0HFXfRBDmLNVfhm6
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2