emotet

General

Target

5881de10023c98e98ad11871f984025857d1cc9e80dfa74282a0c6fef4561147
Size

631KB
Sample

241120-x1mdvssdqm
MD5

e05515dbcec491f97e6295c1b917ced1
SHA1

bf69b7e4fefb88f461e4021cfbc36f18f8d4e098
SHA256

5881de10023c98e98ad11871f984025857d1cc9e80dfa74282a0c6fef4561147
SHA512

47c1205857fb2a04ffc810b7f1e7f9657941bff73944869a18aa6c33bda8841f52c0e5272af568047bb1e33c21052fbc3cfb372d447ebb3e2b1df26c2000d560
SSDEEP

6144:h0qEn4V/V/V/V/V8n8OUVzLcCuioAf3vTR0ZTwuL8qLhZHuEgtaCgkZvYj2nU9XF:+8V/V/V/V/VayVfGefv+TcXe

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

149.56.131.28:8080

72.15.201.15:8080

207.148.79.14:8080

82.165.152.127:8080

46.55.222.11:443

213.241.20.155:443

163.44.196.120:8080

51.254.140.238:7080

107.170.39.149:8080

188.44.20.25:443

82.223.21.224:8080

172.104.251.154:8080

164.68.99.3:8080

101.50.0.91:8080

129.232.188.93:443

173.212.193.249:8080

103.132.242.26:8080

186.194.240.217:443

37.187.115.122:8080

91.207.28.33:8080

eck1.plain

ecs1.plain

Targets

- Target
  
  5881de10023c98e98ad11871f984025857d1cc9e80dfa74282a0c6fef4561147
- Size
  
  631KB
- MD5
  
  e05515dbcec491f97e6295c1b917ced1
- SHA1
  
  bf69b7e4fefb88f461e4021cfbc36f18f8d4e098
- SHA256
  
  5881de10023c98e98ad11871f984025857d1cc9e80dfa74282a0c6fef4561147
- SHA512
  
  47c1205857fb2a04ffc810b7f1e7f9657941bff73944869a18aa6c33bda8841f52c0e5272af568047bb1e33c21052fbc3cfb372d447ebb3e2b1df26c2000d560
- SSDEEP
  
  6144:h0qEn4V/V/V/V/V8n8OUVzLcCuioAf3vTR0ZTwuL8qLhZHuEgtaCgkZvYj2nU9XF:+8V/V/V/V/VayVfGefv+TcXe
Score

10^/10

emotet epoch4 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2