emotet

General

Target

9b87554944ae46116e9c3418b0d3af7961efbedcadfd21b812264fa3043ddb43
Size

397KB
Sample

241120-wrag9szgjd
MD5

d70a36edd0d9475df90642f89c92862e
SHA1

00c8925a9ea3ae5846d662f2ff0fb26e8ced487b
SHA256

9b87554944ae46116e9c3418b0d3af7961efbedcadfd21b812264fa3043ddb43
SHA512

6173e872d5e1f0b79153b3df9e191b8664b0159d008f69253e501bde2d0ddea7b9ea4ecf9d1b15a508151ea460e9ace61d168afc709d4f7c48cab11f201c94ce
SSDEEP

12288:+LfZJA+7IFazd7cZdPJ6FTltnlcILFY6s1B:yfNIFaI8FTl5Lv0

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

45.76.1.145:443

217.182.25.250:8080

119.193.124.41:7080

192.99.251.50:443

146.59.226.45:443

173.212.193.249:8080

207.38.84.195:8080

45.118.135.203:7080

31.24.158.56:8080

209.126.98.206:8080

212.237.17.99:8080

216.158.226.206:443

50.30.40.196:8080

82.165.152.127:8080

159.8.59.82:8080

107.182.225.142:8080

110.232.117.186:8080

72.15.201.15:8080

5.9.116.246:8080

79.172.212.216:8080

eck1.plain

ecs1.plain

Targets

- Target
  
  4a51a4936a3a5d5005a9ede6d961c9155a70f5d149d431737813b189115b7743
- Size
  
  664KB
- MD5
  
  26fd47cdbc4b4f4fa82497fa21427e11
- SHA1
  
  8d358079afc77c3e9f3eee69937e52de60f9a0bc
- SHA256
  
  4a51a4936a3a5d5005a9ede6d961c9155a70f5d149d431737813b189115b7743
- SHA512
  
  f7fe2be19900e62ca5a56c9da3763b8a9fbf260e8d3578bc6c65c9806dfac44ff05443f56517abb04cc4a3c92b9d1048df0c9892d4a01255b17839982c7955b1
- SSDEEP
  
  12288:jc899XKPmN4WMkoo6ZPJSFTdtXlcIL9v6O8:7GP7TgFTdFL9v6F
Score

10^/10

emotet epoch4 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2