emotet

General

Target

558074b4ef9aace9f2e3cbeec77e9ad853c8c1dab5b5524f3cbf03797937f151
Size

323KB
Sample

241120-x7dejawngl
MD5

14825d219e87f27611a90015de1c83f1
SHA1

851565ce0215477296608e92a85f0b4b75a0c971
SHA256

558074b4ef9aace9f2e3cbeec77e9ad853c8c1dab5b5524f3cbf03797937f151
SHA512

84f427163b8bf4766363db7005827b73d5f7e3c4b57eefbae146c14d767fd94f15b640e9b3d8bfaf81cebb5d25a46fada095e9c21148a92af3dc28eded5282d6
SSDEEP

6144:pgwfTu7kk5ybeyptUjlNt6zr8sJ12HaqBABQOlpEDWOSUq8XUl5ozXOyCx/:S3Yk4aXs3Z1pq8lbEDWh8XUl5ozIR

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

169.197.131.16:8080

195.154.253.60:8080

152.89.239.34:443

216.158.226.206:443

159.65.88.10:8080

209.126.98.206:8080

158.69.222.101:443

173.212.193.249:8080

185.157.82.211:8080

81.0.236.90:443

103.75.201.2:443

46.55.222.11:443

159.8.59.82:8080

207.38.84.195:8080

50.116.54.215:443

79.172.212.216:8080

212.237.17.99:8080

212.24.98.99:8080

178.79.147.66:8080

51.254.140.238:7080

eck1.plain

ecs1.plain

Targets

- Target
  
  9d6cdbdfb49c1ee10154fd2979b6f77680aa0bc260b5b2af4ad1a2ec8cc6f98c
- Size
  
  512KB
- MD5
  
  4dbe4f551df9d846a6ef1cc8345e4c0d
- SHA1
  
  84786ab118115266b63c0df516cb5e44ade32b14
- SHA256
  
  9d6cdbdfb49c1ee10154fd2979b6f77680aa0bc260b5b2af4ad1a2ec8cc6f98c
- SHA512
  
  4feb9a847dd7f5f00567eefb074effba67bee12672c6efb74eed69adcb4b5d5ffe1ee9120422a5fef3de1518c91ebecf438aa3dd039c7d68c7825fa3b7f9c3f4
- SSDEEP
  
  12288:lVQtkBkJDg2fwP3bYaDn5JbEDW78XUlNozF:nQvg2fwvbhbEDWLk
Score

10^/10

emotet epoch4 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2