emotet

General

Target

466d65e60fb71881e6c9952eff5667ee63662efdbb593a073b99484a5b045ef2
Size

896KB
Sample

241120-zjgs6asenh
MD5

fe208b15705062f074f4fecf2d41a0b4
SHA1

f8012974783de8ae5c23b9a8864b677cec848b6d
SHA256

466d65e60fb71881e6c9952eff5667ee63662efdbb593a073b99484a5b045ef2
SHA512

483d49c67c0a64c683a3c37f7f790d5fac2fb8ada2dd0cae8b4f73b988303b83222a1be9025b3b83bd587431a89b099bb49a4e0aa8dc20b2f3ea1a994dfb6967
SSDEEP

12288:+ZlyqwEmkmauSVd2R3R0EcX0euXBzsUsU3z4ZuF:0m6whk90BiyQ

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

174.100.27.229:80

209.126.6.222:8080

5.153.250.14:8080

192.241.146.84:8080

95.9.180.128:80

77.55.211.77:8080

85.105.140.135:443

45.33.77.42:8080

77.90.136.129:8080

94.176.234.118:443

190.163.31.26:80

190.6.193.152:8080

190.181.235.46:80

81.198.69.61:80

188.2.217.94:80

114.109.179.60:80

83.169.21.32:7080

137.74.106.111:7080

212.231.60.98:80

170.81.48.2:80

rsa_pubkey.plain

Targets

- Target
  
  466d65e60fb71881e6c9952eff5667ee63662efdbb593a073b99484a5b045ef2
- Size
  
  896KB
- MD5
  
  fe208b15705062f074f4fecf2d41a0b4
- SHA1
  
  f8012974783de8ae5c23b9a8864b677cec848b6d
- SHA256
  
  466d65e60fb71881e6c9952eff5667ee63662efdbb593a073b99484a5b045ef2
- SHA512
  
  483d49c67c0a64c683a3c37f7f790d5fac2fb8ada2dd0cae8b4f73b988303b83222a1be9025b3b83bd587431a89b099bb49a4e0aa8dc20b2f3ea1a994dfb6967
- SSDEEP
  
  12288:+ZlyqwEmkmauSVd2R3R0EcX0euXBzsUsU3z4ZuF:0m6whk90BiyQ
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2