emotet

General

Target

0a14cef8b70099bbe3f92172f7992bf97cbb3c46130f525d046680045ababc00
Size

696KB
Sample

241120-zbzn1aspfx
MD5

95474eb8b838d4602f23f72d10cb866d
SHA1

63cb49ad52cf6ed34d4fb6a76a7b5a5ef0c60d7a
SHA256

0a14cef8b70099bbe3f92172f7992bf97cbb3c46130f525d046680045ababc00
SHA512

2c3ad79bafbe1c90abab782da85d7c3b4aecfdca63ab6526d8c4287b4e0108af76bfbee5f71e19927917a36b3f37cb3f5eaee4d934cdb9ed4bdb0b5e421b40ae
SSDEEP

12288:WKEUkuAOLka1miSmuYr1V7UAobS3qTHPR101D:TEQLka1nBVYAoS3WvR

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

51.178.61.60:443

168.197.250.14:80

45.79.33.48:8080

196.44.98.190:8080

177.72.80.14:7080

51.210.242.234:8080

185.148.169.10:8080

142.4.219.173:8080

78.47.204.80:443

78.46.73.125:443

37.44.244.177:8080

37.59.209.141:8080

191.252.103.16:80

54.38.242.185:443

85.214.67.203:8080

54.37.228.122:443

207.148.81.119:8080

195.77.239.39:8080

66.42.57.149:443

195.154.146.35:443

eck1.plain

ecs1.plain

Targets

- Target
  
  0a14cef8b70099bbe3f92172f7992bf97cbb3c46130f525d046680045ababc00
- Size
  
  696KB
- MD5
  
  95474eb8b838d4602f23f72d10cb866d
- SHA1
  
  63cb49ad52cf6ed34d4fb6a76a7b5a5ef0c60d7a
- SHA256
  
  0a14cef8b70099bbe3f92172f7992bf97cbb3c46130f525d046680045ababc00
- SHA512
  
  2c3ad79bafbe1c90abab782da85d7c3b4aecfdca63ab6526d8c4287b4e0108af76bfbee5f71e19927917a36b3f37cb3f5eaee4d934cdb9ed4bdb0b5e421b40ae
- SSDEEP
  
  12288:WKEUkuAOLka1miSmuYr1V7UAobS3qTHPR101D:TEQLka1nBVYAoS3WvR
Score

10^/10

emotet epoch5 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2