emotet

General

Target

bf5251a6c7d41dbdc14cab15b95fdfd2dd2b57b2d8863191c19e4d967e0ff897
Size

236KB
Sample

241120-3thd8awhnk
MD5

9ca9a973be37c00b198704ac4d87f845
SHA1

3d0a7a82d60ef0b6bcbed68dfcb9569137c7492e
SHA256

bf5251a6c7d41dbdc14cab15b95fdfd2dd2b57b2d8863191c19e4d967e0ff897
SHA512

bcbd610c8a294ff87492cf1cb5ac090ef3482710c3305a3c20c30b86e472cd51aaf75eb6932dc45638b0befd0075a0ba4e663c3b93768ae0dc15f092f2579409
SSDEEP

3072:QLdGL9Wt2ltzymHv7BeQj7UnIo9vPaSiGGakrNeH7tdjI9bY07:Ii9WtytJsaSZceHRdj2

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

186.109.104.67:80

185.86.148.68:443

139.99.157.213:8080

203.153.216.178:7080

192.163.221.191:8080

201.235.10.215:80

37.46.129.215:8080

78.189.60.109:443

77.74.78.80:443

143.95.101.72:8080

188.251.213.180:443

31.146.61.34:80

190.53.144.120:80

105.209.235.113:8080

115.78.11.155:80

172.96.190.154:8080

50.116.78.109:8080

188.0.135.237:80

179.62.238.49:80

197.83.232.19:80

rsa_pubkey.plain

Targets

- Target
  
  bf5251a6c7d41dbdc14cab15b95fdfd2dd2b57b2d8863191c19e4d967e0ff897
- Size
  
  236KB
- MD5
  
  9ca9a973be37c00b198704ac4d87f845
- SHA1
  
  3d0a7a82d60ef0b6bcbed68dfcb9569137c7492e
- SHA256
  
  bf5251a6c7d41dbdc14cab15b95fdfd2dd2b57b2d8863191c19e4d967e0ff897
- SHA512
  
  bcbd610c8a294ff87492cf1cb5ac090ef3482710c3305a3c20c30b86e472cd51aaf75eb6932dc45638b0befd0075a0ba4e663c3b93768ae0dc15f092f2579409
- SSDEEP
  
  3072:QLdGL9Wt2ltzymHv7BeQj7UnIo9vPaSiGGakrNeH7tdjI9bY07:Ii9WtytJsaSZceHRdj2
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2