emotet

General

Target

626a89923c19f746f24084d1677063bdac574f80722e6d6e65c514cf43387c7f
Size

619KB
Sample

241120-3v6s7swhqp
MD5

393523bba006559a6b77c0f918e07447
SHA1

a7bd9214a9b5c0dd094c4830a335108e9dffcf38
SHA256

626a89923c19f746f24084d1677063bdac574f80722e6d6e65c514cf43387c7f
SHA512

6cf9bc70593fdf26e090e3a57fe725b03f88ec99e8d0c4e57835a64f39b2324d33e3fbe6fabed4de2d1e1c3dd59dbbdbcd76f4d9c892189dffcd13ba43a1e523
SSDEEP

12288:PEjZWoYx77JWGEPmbPlrIe7Qj+epfoshujNFT1uAG0:P5NxvJTbPl8/+mfoscRB4AL

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

115.94.207.99:443

5.196.108.185:8080

167.114.153.111:8080

87.106.136.232:8080

62.30.7.67:443

108.46.29.236:80

24.179.13.119:80

89.121.205.18:80

46.105.131.79:8080

173.63.222.65:80

174.45.13.118:80

216.139.123.119:80

172.91.208.86:80

155.186.9.160:80

96.245.227.43:80

102.182.93.220:80

24.230.141.169:80

104.131.123.136:443

104.131.11.150:443

203.153.216.189:7080

rsa_pubkey.plain

Targets

- Target
  
  626a89923c19f746f24084d1677063bdac574f80722e6d6e65c514cf43387c7f
- Size
  
  619KB
- MD5
  
  393523bba006559a6b77c0f918e07447
- SHA1
  
  a7bd9214a9b5c0dd094c4830a335108e9dffcf38
- SHA256
  
  626a89923c19f746f24084d1677063bdac574f80722e6d6e65c514cf43387c7f
- SHA512
  
  6cf9bc70593fdf26e090e3a57fe725b03f88ec99e8d0c4e57835a64f39b2324d33e3fbe6fabed4de2d1e1c3dd59dbbdbcd76f4d9c892189dffcd13ba43a1e523
- SSDEEP
  
  12288:PEjZWoYx77JWGEPmbPlrIe7Qj+epfoshujNFT1uAG0:P5NxvJTbPl8/+mfoscRB4AL
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2