emotet

General

Target

5e4cc988f699b9c2e04c8e66dae5f5962e1e872f93971a97593deef42a0bf881
Size

96KB
Sample

241120-3a9dlavgkf
MD5

a62c14f1e111122b19a64059bef98184
SHA1

fd75be67266c799dbbefc647da28150a8f6939be
SHA256

5e4cc988f699b9c2e04c8e66dae5f5962e1e872f93971a97593deef42a0bf881
SHA512

a5266e269fbf7688a9b477130b6b0376c12651304ce2499529be08910afcd93ef681d42aad2c5fbf208bcd109cf2b4ee5aab920ee8b4a9138022e5f48ad07915
SSDEEP

1536:aNfzLLdNFVzj3f0ZxBwCqVTl6yfcACPEbUN9Ah:aNLLL9Vzj3AZqBNost

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

201.171.150.41:443

94.76.247.61:8080

213.176.36.147:8080

87.106.46.107:8080

209.236.123.42:8080

81.198.69.61:80

77.90.136.129:8080

177.73.0.98:443

190.6.193.152:8080

186.250.52.226:8080

217.13.106.14:8080

178.79.163.131:8080

188.2.217.94:80

51.255.165.160:8080

170.81.48.2:80

45.161.242.102:80

192.187.99.90:8080

187.162.248.237:80

192.241.146.84:8080

219.92.13.25:80

rsa_pubkey.plain

Targets

- Target
  
  5e4cc988f699b9c2e04c8e66dae5f5962e1e872f93971a97593deef42a0bf881
- Size
  
  96KB
- MD5
  
  a62c14f1e111122b19a64059bef98184
- SHA1
  
  fd75be67266c799dbbefc647da28150a8f6939be
- SHA256
  
  5e4cc988f699b9c2e04c8e66dae5f5962e1e872f93971a97593deef42a0bf881
- SHA512
  
  a5266e269fbf7688a9b477130b6b0376c12651304ce2499529be08910afcd93ef681d42aad2c5fbf208bcd109cf2b4ee5aab920ee8b4a9138022e5f48ad07915
- SSDEEP
  
  1536:aNfzLLdNFVzj3f0ZxBwCqVTl6yfcACPEbUN9Ah:aNLLL9Vzj3AZqBNost
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2