emotet

General

Target

7c2a49c42ff9a4b6fd4fde6346c45b50a3ba1fd5163b2e7c42410dba3a4d865b
Size

448KB
Sample

241120-3afraavgjd
MD5

7b8f66ed57207ed430208b971d6e21fe
SHA1

9a63676747321423b4c337a835088af353addc00
SHA256

7c2a49c42ff9a4b6fd4fde6346c45b50a3ba1fd5163b2e7c42410dba3a4d865b
SHA512

8f1b7f892056d09f4024c1a6b0b58f3bf122c78bed784b56e82d835b7546d4f1b237e36b8ebf3c28e5c6e00b48ff00ebf55c82c6c78cc0677e89d09105feaa3e
SSDEEP

12288:wfzaBuiszJbE9mO4sl9kVlAOyQkNvOzxo0:wbMmO4sl9sR2Ot/

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

174.100.27.229:80

209.126.6.222:8080

5.153.250.14:8080

192.241.146.84:8080

95.9.180.128:80

77.55.211.77:8080

85.105.140.135:443

45.33.77.42:8080

77.90.136.129:8080

94.176.234.118:443

190.163.31.26:80

190.6.193.152:8080

190.181.235.46:80

81.198.69.61:80

188.2.217.94:80

114.109.179.60:80

83.169.21.32:7080

137.74.106.111:7080

212.231.60.98:80

170.81.48.2:80

rsa_pubkey.plain

Targets

- Target
  
  7c2a49c42ff9a4b6fd4fde6346c45b50a3ba1fd5163b2e7c42410dba3a4d865b
- Size
  
  448KB
- MD5
  
  7b8f66ed57207ed430208b971d6e21fe
- SHA1
  
  9a63676747321423b4c337a835088af353addc00
- SHA256
  
  7c2a49c42ff9a4b6fd4fde6346c45b50a3ba1fd5163b2e7c42410dba3a4d865b
- SHA512
  
  8f1b7f892056d09f4024c1a6b0b58f3bf122c78bed784b56e82d835b7546d4f1b237e36b8ebf3c28e5c6e00b48ff00ebf55c82c6c78cc0677e89d09105feaa3e
- SSDEEP
  
  12288:wfzaBuiszJbE9mO4sl9kVlAOyQkNvOzxo0:wbMmO4sl9sR2Ot/
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2