emotet

General

Target

21be3e16daed842943fdbcd8be079d4e8bb616799c33e4b099ea832266086721
Size

417KB
Sample

241120-3jce8awgkl
MD5

55fe4741d1904c0f80bd5c5801f44940
SHA1

08ff8a9e6ff5faff055faeb04fbd91c4fef6caff
SHA256

21be3e16daed842943fdbcd8be079d4e8bb616799c33e4b099ea832266086721
SHA512

a5f1e843ac576394e959501648460297d699e46df2007234feaf1986b1f66b593f2eadd9c0de195dd690b00be855ce66e6b262a914df207ec9ebd53a45dfa266
SSDEEP

12288:iMzkcWdxcs52Z8OO+jJpBrfhn6D8AOORgPXKWEr34:iMQtcs5ROO+9vrh6DFOOO5EL4

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

45.79.80.198:443

185.168.130.138:443

185.244.166.137:8080

61.7.231.229:443

185.148.168.15:8080

203.153.216.46:443

116.124.128.206:8080

128.199.192.135:8080

61.7.231.226:443

190.90.233.66:443

185.184.25.78:8080

78.46.73.125:443

118.98.72.86:443

195.154.146.35:443

139.196.72.155:8080

159.69.237.188:443

194.9.172.107:8080

62.171.178.147:8080

198.199.98.78:8080

217.182.143.207:443

eck1.plain

ecs1.plain

Targets

- Target
  
  754d29c11273d52960f860394de54b4d025678c81d4e1c3113b5ac831aca48ad
- Size
  
  924KB
- MD5
  
  a4d0568777d67fd12271fd956c9f9eb0
- SHA1
  
  20c55bc44a3930966937f07104072ffdd75dda09
- SHA256
  
  754d29c11273d52960f860394de54b4d025678c81d4e1c3113b5ac831aca48ad
- SHA512
  
  4a89e897376b074f5489228202df59ae6b52de2340801ab7ac2727a0113a02db757bed04eee7856e4265dd32fc2c735e4e216ac3908a5afde079b77d80cb1f39
- SSDEEP
  
  12288:6Tkv3QgK8FedvC9JwY/3XAN2Wt/t6sQvInqtCOOROPXKmb4M:eM48e09yY4N2w/tFQQNOOozb
Score

10^/10

emotet epoch5 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2