emotet

General

Target

a7a7ffc0ca5e92c7d93ea5bce1c49adea9e447fabca4baca729b03390a3d10c0
Size

341KB
Sample

241120-y64qrstbmr
MD5

b26ad4eb76940a9618e385f5199ec578
SHA1

8f550899427576667accdd4d35c1282912c5c23a
SHA256

a7a7ffc0ca5e92c7d93ea5bce1c49adea9e447fabca4baca729b03390a3d10c0
SHA512

791c3c474fadbe386fdf4cfe0498f0c142bcaccc140b0c7ec05f5532ec8fc6f98715d66dea22853522b1e48264343c6f069fe87b18d6334a9f7641386f55d74c
SSDEEP

6144:VaKGFRDWxCvoqDV8ZGU9Li0VBh0XjrLsLZCj8Hqd0u4LLF:4W1qGZbLV+YC4H11

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

173.68.199.157:80

59.148.253.194:8080

173.212.197.71:8080

98.103.204.12:443

2.45.176.233:80

45.33.77.42:8080

181.58.181.9:80

219.92.13.25:80

12.163.208.58:80

2.85.9.41:8080

172.104.169.32:8080

149.202.72.142:7080

189.223.16.99:80

216.47.196.104:80

191.97.154.2:80

213.197.182.158:8080

94.176.234.118:443

46.105.114.137:8080

177.144.130.105:8080

174.118.202.24:443

rsa_pubkey.plain

Targets

- Target
  
  a7a7ffc0ca5e92c7d93ea5bce1c49adea9e447fabca4baca729b03390a3d10c0
- Size
  
  341KB
- MD5
  
  b26ad4eb76940a9618e385f5199ec578
- SHA1
  
  8f550899427576667accdd4d35c1282912c5c23a
- SHA256
  
  a7a7ffc0ca5e92c7d93ea5bce1c49adea9e447fabca4baca729b03390a3d10c0
- SHA512
  
  791c3c474fadbe386fdf4cfe0498f0c142bcaccc140b0c7ec05f5532ec8fc6f98715d66dea22853522b1e48264343c6f069fe87b18d6334a9f7641386f55d74c
- SSDEEP
  
  6144:VaKGFRDWxCvoqDV8ZGU9Li0VBh0XjrLsLZCj8Hqd0u4LLF:4W1qGZbLV+YC4H11
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2