emotet

General

Target

7ab6d1505625a14a515da46390ee8c3c121322d7af273cff0cb63b577266fed1
Size

923KB
Sample

241120-3szbcawhlr
MD5

a5b192f6258e51f5d5b8fc360c417951
SHA1

f07aec1f459045ea203d60ad5c508f3615684019
SHA256

7ab6d1505625a14a515da46390ee8c3c121322d7af273cff0cb63b577266fed1
SHA512

5aba99656bca3ef013b770bdb8500a8033641cd8821bf79e8a0ae5d378076cec873b59b4bd449ad91e568447f4b0736704c63f356c5b49d56191841cab1f5331
SSDEEP

12288:bMlCHIWMOZkzNxP+KngRYq3Ocs5PFCJbjhK+pfOf0LqiVN:cCpZkiKngRYbcUYXhK+pfOsLq6

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

73.116.193.136:80

185.94.252.13:443

149.62.173.247:8080

89.32.150.160:8080

185.94.252.12:80

77.90.136.129:8080

83.169.21.32:7080

104.236.161.64:8080

114.109.179.60:80

189.2.177.210:443

68.183.190.199:8080

144.139.91.187:443

185.94.252.27:443

190.181.235.46:80

82.196.15.205:8080

46.28.111.142:7080

181.167.96.215:80

202.62.39.111:80

219.92.13.25:80

191.99.160.58:80

rsa_pubkey.plain

Targets

- Target
  
  7ab6d1505625a14a515da46390ee8c3c121322d7af273cff0cb63b577266fed1
- Size
  
  923KB
- MD5
  
  a5b192f6258e51f5d5b8fc360c417951
- SHA1
  
  f07aec1f459045ea203d60ad5c508f3615684019
- SHA256
  
  7ab6d1505625a14a515da46390ee8c3c121322d7af273cff0cb63b577266fed1
- SHA512
  
  5aba99656bca3ef013b770bdb8500a8033641cd8821bf79e8a0ae5d378076cec873b59b4bd449ad91e568447f4b0736704c63f356c5b49d56191841cab1f5331
- SSDEEP
  
  12288:bMlCHIWMOZkzNxP+KngRYq3Ocs5PFCJbjhK+pfOf0LqiVN:cCpZkiKngRYbcUYXhK+pfOsLq6
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2