emotet

General

Target

281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80
Size

452KB
Sample

241120-z4pdqstame
MD5

e0c0ee2ac2bcc635fd784da1d6d7b88c
SHA1

b07800b7d5cfc70b78c0f2ad6e56b18966f78f0c
SHA256

281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80
SHA512

cf59446cb09e6e5b7f896473f2de7f997f759d38528a499559e31a0e50505b383839ba8853d3287b2defe6b1b7264f7625ebd43ce86d818a247b44161bca914e
SSDEEP

6144:+pD2qZxTRbeOvPuYQM6ILqruCjlpB+IszeczxGwsyc7I27iWgSbF:1oxT5nXzYQqrjzBvieEIiWhh

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

186.138.186.74:443

190.24.243.186:80

68.174.15.223:80

68.183.170.114:8080

45.79.95.107:443

192.241.143.52:8080

159.65.241.220:8080

142.93.114.137:8080

70.123.95.180:80

62.75.143.100:7080

91.242.136.103:80

109.169.86.13:8080

202.62.39.111:80

181.231.220.232:80

188.216.24.204:80

86.42.166.147:80

186.15.83.52:8080

178.79.163.131:8080

114.109.179.60:80

110.170.65.146:80

rsa_pubkey.plain

Targets

- Target
  
  281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80
- Size
  
  452KB
- MD5
  
  e0c0ee2ac2bcc635fd784da1d6d7b88c
- SHA1
  
  b07800b7d5cfc70b78c0f2ad6e56b18966f78f0c
- SHA256
  
  281caa686bf570f535bbf6cb094496186d839212236115e7e010e6a487c7aa80
- SHA512
  
  cf59446cb09e6e5b7f896473f2de7f997f759d38528a499559e31a0e50505b383839ba8853d3287b2defe6b1b7264f7625ebd43ce86d818a247b44161bca914e
- SSDEEP
  
  6144:+pD2qZxTRbeOvPuYQM6ILqruCjlpB+IszeczxGwsyc7I27iWgSbF:1oxT5nXzYQqrjzBvieEIiWhh
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2