emotet

General

Target

f205a7b14140e05d5d2244fb56e50c8c08971b129e7db187daa70a83e9239c12
Size

264KB
Sample

241120-w354bavrfj
MD5

70d97962a2603b7947851c82c61dc9da
SHA1

66929e2d81cfa09e06f0255ad03ba392e55ebbf3
SHA256

f205a7b14140e05d5d2244fb56e50c8c08971b129e7db187daa70a83e9239c12
SHA512

4dd1397eaf6b636eafeac37af3a984f1fdce3a98d939fb0f0de371b467141cc6ff91a4a85ff9e66ab9462e0f30224e7abe16f249d231745d5787a5705265c0e2
SSDEEP

3072:7R7ge82w+Oh+UjuFJrfr7CS/FmikytkqroMdjaWtHCqPZ4PEx2ES2vZg3f4L5ZJi:7lXJuk4uFxOmFwytLVxDtfPZ4PE2sPs5

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

94.23.45.86:4143

129.232.188.93:443

213.241.20.155:443

197.242.150.244:8080

172.104.251.154:8080

46.55.222.11:443

82.223.21.224:8080

5.9.116.246:8080

1.234.2.232:8080

146.59.226.45:443

160.16.142.56:8080

115.68.227.76:8080

72.15.201.15:8080

188.44.20.25:443

185.4.135.165:8080

103.132.242.26:8080

173.212.193.249:8080

163.44.196.120:8080

183.111.227.137:8080

149.56.131.28:8080

eck1.plain

ecs1.plain

Targets

- Target
  
  f205a7b14140e05d5d2244fb56e50c8c08971b129e7db187daa70a83e9239c12
- Size
  
  264KB
- MD5
  
  70d97962a2603b7947851c82c61dc9da
- SHA1
  
  66929e2d81cfa09e06f0255ad03ba392e55ebbf3
- SHA256
  
  f205a7b14140e05d5d2244fb56e50c8c08971b129e7db187daa70a83e9239c12
- SHA512
  
  4dd1397eaf6b636eafeac37af3a984f1fdce3a98d939fb0f0de371b467141cc6ff91a4a85ff9e66ab9462e0f30224e7abe16f249d231745d5787a5705265c0e2
- SSDEEP
  
  3072:7R7ge82w+Oh+UjuFJrfr7CS/FmikytkqroMdjaWtHCqPZ4PEx2ES2vZg3f4L5ZJi:7lXJuk4uFxOmFwytLVxDtfPZ4PE2sPs5
Score

10^/10

emotet epoch4 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2