emotet

General

Target

c65c05463e24e2ad84bf179758533f0abe996010d45e7ae6a7400f442e0e8b57
Size

266KB
Sample

241120-zxk3qsshja
MD5

28b929a64007ce020faff5eccf69427d
SHA1

b51d251ed73dcb954c13d702e81ab451bae49d4f
SHA256

c65c05463e24e2ad84bf179758533f0abe996010d45e7ae6a7400f442e0e8b57
SHA512

b153b7d1942301c3e6ddaffbc5c3d05b6982235e601a96cea52c245d7dd6bad6be50683add3c9ee4b41ccb5c421bdbe4649f6de9dee908289e13bc46a91d01b9
SSDEEP

6144:qknN2QU6/ptQFSm22B8xS4Gc/mFCoHQkaqbqI1maE:ZNZLhM+miS4JCCoHQkFqRaE

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

186.250.48.5:80

168.119.39.118:443

185.168.130.138:443

190.90.233.66:443

159.69.237.188:443

54.37.228.122:443

93.104.209.107:8080

185.148.168.15:8080

198.199.98.78:8080

87.106.97.83:7080

195.77.239.39:8080

37.44.244.177:8080

54.38.242.185:443

185.184.25.78:8080

116.124.128.206:8080

139.196.72.155:8080

128.199.192.135:8080

103.41.204.169:8080

78.47.204.80:443

68.183.93.250:443

eck1.plain

ecs1.plain

Targets

- Target
  
  cef2ff5fc72aebe43eb3eecd13350206239b0608766368d1e568503e11e38f0d
- Size
  
  412KB
- MD5
  
  307d78f3323715dc9c2e5ce3508dc4f1
- SHA1
  
  6bc69ec0721a0d5a96cc9eeadefaa88c1d5528b1
- SHA256
  
  cef2ff5fc72aebe43eb3eecd13350206239b0608766368d1e568503e11e38f0d
- SHA512
  
  42779b23841d661c42edd3e61cd6301866ed350c2a336b3360d754681beff49c3bf39a5f301d3f5fd9dbd1a8ee219f677efcc2b40b8dceff8df905c8e29b02c7
- SSDEEP
  
  6144:aH0RW81UplEIb6hRAOf6DXyhCra8ZCtS08OB8xS4GE/mFCo3QkgqbqAT:tFpMOfeihCraiuiS4zCCo3QkvqA
Score

10^/10

emotet epoch5 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2