emotet

General

Target

c55a1845fb92a1268373c26f59ce456c56415c19be52839dbf6a1749667532b6
Size

418KB
Sample

241120-zh1jwasemg
MD5

ca02118a4e38e6c5454789213e756eab
SHA1

e240bfd274a903c7c4f956b3c6d192e4be0dce2a
SHA256

c55a1845fb92a1268373c26f59ce456c56415c19be52839dbf6a1749667532b6
SHA512

ef3995a4e99cd93675e9f646d1aff5930e474c304a84a22a1e16427737ebf5095df4bedee8d4d2d1209f977555614aea2b69beb061bda750b18eebc0731e3473
SSDEEP

12288:zXsObAC+H3bd40FM1Opzwt4t/tltJt004m6E0p:zzMC+HTFM1OpzanF

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

78.206.229.130:80

104.131.92.244:8080

70.39.251.94:8080

87.230.25.43:8080

79.118.74.90:80

82.76.111.249:443

82.76.52.155:80

212.71.237.140:8080

188.251.213.180:80

103.236.179.162:80

1.226.84.243:8080

70.32.84.74:8080

2.84.12.98:80

201.213.177.139:80

177.73.0.98:443

170.81.48.2:80

129.232.220.11:8080

177.144.130.105:8080

213.52.74.198:80

120.72.18.91:80

rsa_pubkey.plain

Targets

- Target
  
  c55a1845fb92a1268373c26f59ce456c56415c19be52839dbf6a1749667532b6
- Size
  
  418KB
- MD5
  
  ca02118a4e38e6c5454789213e756eab
- SHA1
  
  e240bfd274a903c7c4f956b3c6d192e4be0dce2a
- SHA256
  
  c55a1845fb92a1268373c26f59ce456c56415c19be52839dbf6a1749667532b6
- SHA512
  
  ef3995a4e99cd93675e9f646d1aff5930e474c304a84a22a1e16427737ebf5095df4bedee8d4d2d1209f977555614aea2b69beb061bda750b18eebc0731e3473
- SSDEEP
  
  12288:zXsObAC+H3bd40FM1Opzwt4t/tltJt004m6E0p:zzMC+HTFM1OpzanF
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2