emotet

General

Target

e72fd9e226d061c25300a749e63fbb0454328c5c6e4d607015bdba03d37afdc0
Size

578KB
Sample

241120-wtxqksvqap
MD5

f578355207c7051c73f8a81fc11bde17
SHA1

da03eba2033c473cef74556cad1d249c8f243db6
SHA256

e72fd9e226d061c25300a749e63fbb0454328c5c6e4d607015bdba03d37afdc0
SHA512

94681c747ad1a15f805c82d1282e7b3258c05c743fa82a08945bafa4f0c4bb2bed77ff6d775e2dc5f3c33fcf8c35471fefe2484365de36ba77b8b94dea2df28f
SSDEEP

12288:gwtccwVfQec59aEilIc5rmNLm2O1uDnFyXRm6ZM7XNBOxXjiSnD5ANR+a7:HtccwM59aErmFEFyhmFTNBOxziS+NR1

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

164.68.99.3:8080

146.59.226.45:443

51.91.76.89:8080

209.97.163.214:443

158.69.222.101:443

82.165.152.127:8080

103.70.28.102:8080

72.15.201.15:8080

150.95.66.124:8080

45.176.232.124:443

82.223.21.224:8080

107.170.39.149:8080

160.16.142.56:8080

103.132.242.26:8080

153.126.146.25:7080

213.241.20.155:443

1.234.21.73:7080

197.242.150.244:8080

188.44.20.25:443

196.218.30.83:443

ecs1.plain

eck1.plain

Targets

- Target
  
  e72fd9e226d061c25300a749e63fbb0454328c5c6e4d607015bdba03d37afdc0
- Size
  
  578KB
- MD5
  
  f578355207c7051c73f8a81fc11bde17
- SHA1
  
  da03eba2033c473cef74556cad1d249c8f243db6
- SHA256
  
  e72fd9e226d061c25300a749e63fbb0454328c5c6e4d607015bdba03d37afdc0
- SHA512
  
  94681c747ad1a15f805c82d1282e7b3258c05c743fa82a08945bafa4f0c4bb2bed77ff6d775e2dc5f3c33fcf8c35471fefe2484365de36ba77b8b94dea2df28f
- SSDEEP
  
  12288:gwtccwVfQec59aEilIc5rmNLm2O1uDnFyXRm6ZM7XNBOxXjiSnD5ANR+a7:HtccwM59aErmFEFyhmFTNBOxziS+NR1
Score

10^/10

emotet epoch4 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2