emotet

General

Target

3882c07b72b8d867699c50de25b7a86a630a1febfcaa40738c81005b9750e5a9
Size

181KB
Sample

241120-3vt5eawbnh
MD5

d407a49b06039b66012f0984ed0c07b0
SHA1

48642d78f9c3b0f5c3eae84079aff6fd5226e868
SHA256

3882c07b72b8d867699c50de25b7a86a630a1febfcaa40738c81005b9750e5a9
SHA512

b2b1cc2dd2fc6a2829bc32ce5bcdf3b29d84f1f8cbf62328863d280fbb4dfd73c2e301c13244451579d3ea0cf012a1e0e30285f4dacead5f5732ce2a0837dae6
SSDEEP

3072:z9AumHNEwvbRo77hmvswQNsn/GVQp9Ee1NVev7U8glXzSXdCrcJ/il:z9AuqEcb29mUwQNs/Ge0e1N4vuNOXn/

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

178.153.27.12:80

201.193.160.196:80

89.163.210.141:8080

139.162.10.249:8080

203.157.152.9:7080

70.32.89.105:8080

24.245.65.66:80

77.89.249.254:443

116.202.10.123:8080

120.51.34.254:80

110.172.180.180:8080

157.7.164.178:8081

91.75.75.46:80

192.210.217.94:8080

78.90.78.210:80

190.18.184.113:80

180.52.66.193:80

188.166.220.180:7080

139.59.61.215:443

157.245.145.87:443

rsa_pubkey.plain

Targets

- Target
  
  3882c07b72b8d867699c50de25b7a86a630a1febfcaa40738c81005b9750e5a9
- Size
  
  181KB
- MD5
  
  d407a49b06039b66012f0984ed0c07b0
- SHA1
  
  48642d78f9c3b0f5c3eae84079aff6fd5226e868
- SHA256
  
  3882c07b72b8d867699c50de25b7a86a630a1febfcaa40738c81005b9750e5a9
- SHA512
  
  b2b1cc2dd2fc6a2829bc32ce5bcdf3b29d84f1f8cbf62328863d280fbb4dfd73c2e301c13244451579d3ea0cf012a1e0e30285f4dacead5f5732ce2a0837dae6
- SSDEEP
  
  3072:z9AumHNEwvbRo77hmvswQNsn/GVQp9Ee1NVev7U8glXzSXdCrcJ/il:z9AuqEcb29mUwQNs/Ge0e1N4vuNOXn/
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2