emotet

General

Target

9c6783250d851df7d21e27e265d5c783936e0a44420e34b0bff8c05ff5c369fb
Size

728KB
Sample

241120-znjtbasrd1
MD5

dd7f5c1dc87455467b4734d23818e05a
SHA1

8102c1b8bc964fc12f7018e3cec6e4fac5e7ef1b
SHA256

9c6783250d851df7d21e27e265d5c783936e0a44420e34b0bff8c05ff5c369fb
SHA512

e46d01efc6ae1add187e1a4fcd33bf0100abc3dfcd0587315b9c0e856e487a9caf973b4f7db57e81c5a026c3ee7337de3df7892b0b2db493c6a0ab1c7551f5a2
SSDEEP

12288:aIabL1+x29hs+bDBLKhKmCKzTrj6i0I8PxiGhWzx+o8/NQfN7IT5p:XabLXhs7AZKzvjnT0hWzP8/yfRIT3

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

68.183.91.111:8080

164.52.194.45:8080

202.29.239.162:443

54.38.143.246:7080

54.37.106.167:8080

185.148.168.220:8080

196.44.98.190:8080

175.126.176.79:8080

207.148.81.119:8080

37.59.209.141:8080

103.42.58.120:7080

54.37.228.122:443

68.183.93.250:443

66.42.57.149:443

45.71.195.104:8080

78.47.204.80:443

128.199.192.135:8080

195.154.146.35:443

118.98.72.86:443

116.124.128.206:8080

eck1.plain

ecs1.plain

Targets

- Target
  
  9c6783250d851df7d21e27e265d5c783936e0a44420e34b0bff8c05ff5c369fb
- Size
  
  728KB
- MD5
  
  dd7f5c1dc87455467b4734d23818e05a
- SHA1
  
  8102c1b8bc964fc12f7018e3cec6e4fac5e7ef1b
- SHA256
  
  9c6783250d851df7d21e27e265d5c783936e0a44420e34b0bff8c05ff5c369fb
- SHA512
  
  e46d01efc6ae1add187e1a4fcd33bf0100abc3dfcd0587315b9c0e856e487a9caf973b4f7db57e81c5a026c3ee7337de3df7892b0b2db493c6a0ab1c7551f5a2
- SSDEEP
  
  12288:aIabL1+x29hs+bDBLKhKmCKzTrj6i0I8PxiGhWzx+o8/NQfN7IT5p:XabLXhs7AZKzvjnT0hWzP8/yfRIT3
Score

10^/10

emotet epoch5 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2