emotet

General

Target

59f3ef4fc0c0635fd1abbd86f6e95d330ef91eaed05cc927766406c253b40c15
Size

116KB
Sample

241120-3sr72awbld
MD5

344c681c0d1b26fffdd201e2800dceb3
SHA1

e2c948a60a25b57809c516ddc4afb9954b2bfc6e
SHA256

59f3ef4fc0c0635fd1abbd86f6e95d330ef91eaed05cc927766406c253b40c15
SHA512

8f5fdcf7b3819e55041b45989a9b178f5052c5189e140ac35d88ec3cfa1cd1c31cfa382063ca8da952d7f64975015d42496f603b51e0b4ae663b0dd79e202b67
SSDEEP

1536:yWVZeZN0RqZoidl5SYuO7aGL7QiReAWVGU9HmHDtN8YBnI:XRq6iGGaa7DReAMGVvpBI

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

186.109.104.67:80

185.86.148.68:443

139.99.157.213:8080

105.213.67.88:80

190.53.144.120:80

203.153.216.182:7080

81.214.253.80:443

195.201.56.70:8080

201.213.177.139:80

31.146.61.34:80

177.144.130.105:443

92.24.51.238:80

197.83.232.19:80

105.209.235.113:8080

188.0.135.237:80

176.9.93.82:7080

190.164.75.175:80

188.251.213.180:443

87.106.231.60:8080

113.161.148.81:80

rsa_pubkey.plain

Targets

- Target
  
  59f3ef4fc0c0635fd1abbd86f6e95d330ef91eaed05cc927766406c253b40c15
- Size
  
  116KB
- MD5
  
  344c681c0d1b26fffdd201e2800dceb3
- SHA1
  
  e2c948a60a25b57809c516ddc4afb9954b2bfc6e
- SHA256
  
  59f3ef4fc0c0635fd1abbd86f6e95d330ef91eaed05cc927766406c253b40c15
- SHA512
  
  8f5fdcf7b3819e55041b45989a9b178f5052c5189e140ac35d88ec3cfa1cd1c31cfa382063ca8da952d7f64975015d42496f603b51e0b4ae663b0dd79e202b67
- SSDEEP
  
  1536:yWVZeZN0RqZoidl5SYuO7aGL7QiReAWVGU9HmHDtN8YBnI:XRq6iGGaa7DReAMGVvpBI
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2