emotet

General

Target

b0141021d640b124945abd0bda796d418c2b92c6c78d37c493e0be40f00a3841
Size

448KB
Sample

241120-3m641azral
MD5

8afbd81088405906d7ce5844076e5638
SHA1

6b936a05ab96d20c8788c00fd16dcaacbaabed8c
SHA256

b0141021d640b124945abd0bda796d418c2b92c6c78d37c493e0be40f00a3841
SHA512

f4f7519c0065228b094ceb0d0fa2de2cb27e5831f0785cf1b1a8176978cf99d885f6ee8bee92eae05c6ba3d886ed80f999455950c998b4eb182196f5e279aedc
SSDEEP

12288:PFBDSh9cQZ2ExstHDJ1PGnWHezL29M8cmS:0zZtstHrGnWe+9B

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

47.146.32.175:80

212.51.142.238:8080

200.55.243.138:8080

114.146.222.200:80

153.126.210.205:7080

121.124.124.40:7080

222.214.218.37:4143

67.241.24.163:8080

180.92.239.110:8080

203.153.216.189:7080

119.198.40.179:80

70.167.215.250:8080

168.235.67.138:7080

190.55.181.54:443

139.59.60.244:8080

189.212.199.126:443

78.24.219.147:8080

61.19.246.238:443

137.59.187.107:8080

87.106.139.101:8080

rsa_pubkey.plain

Targets

- Target
  
  b0141021d640b124945abd0bda796d418c2b92c6c78d37c493e0be40f00a3841
- Size
  
  448KB
- MD5
  
  8afbd81088405906d7ce5844076e5638
- SHA1
  
  6b936a05ab96d20c8788c00fd16dcaacbaabed8c
- SHA256
  
  b0141021d640b124945abd0bda796d418c2b92c6c78d37c493e0be40f00a3841
- SHA512
  
  f4f7519c0065228b094ceb0d0fa2de2cb27e5831f0785cf1b1a8176978cf99d885f6ee8bee92eae05c6ba3d886ed80f999455950c998b4eb182196f5e279aedc
- SSDEEP
  
  12288:PFBDSh9cQZ2ExstHDJ1PGnWHezL29M8cmS:0zZtstHrGnWe+9B
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2