emotet

General

Target

6a4ad905ea9176a4098177aac30e4dca71ccdd93d4bbaa4d587262de1d8ebef6
Size

924KB
Sample

241121-a1rx1sxfkq
MD5

88422899e14c6ef2a139222e6c3ae743
SHA1

672dc12fd6f2069d0b45e76f371eb32e4c874f53
SHA256

6a4ad905ea9176a4098177aac30e4dca71ccdd93d4bbaa4d587262de1d8ebef6
SHA512

fbb0e2b33eb538cd7887f6321c7a53fd15f14a9b1f9a2171dcf486e05f6b6cfdd3bd7e8ac1f5439be81d4f71d4c90e1e4ce2a3273dde1d105deaa570b25c7006
SSDEEP

12288:bMlCHIWMOZkzNxP+KngRYq3Ocs5PFCJbjhK+pfyf0LIbSH:cCpZkiKngRYbcUYXhK+pfysLf

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

142.105.151.124:443

62.108.54.22:8080

212.51.142.238:8080

71.208.216.10:80

108.48.41.69:80

83.110.223.58:443

210.165.156.91:80

104.131.44.150:8080

104.236.246.93:8080

5.39.91.110:7080

209.141.54.221:8080

209.182.216.177:443

153.126.210.205:7080

91.211.88.52:7080

180.92.239.110:8080

183.101.175.193:80

162.241.92.219:8080

87.106.139.101:8080

114.146.222.200:80

65.111.120.223:80

rsa_pubkey.plain

Targets

- Target
  
  6a4ad905ea9176a4098177aac30e4dca71ccdd93d4bbaa4d587262de1d8ebef6
- Size
  
  924KB
- MD5
  
  88422899e14c6ef2a139222e6c3ae743
- SHA1
  
  672dc12fd6f2069d0b45e76f371eb32e4c874f53
- SHA256
  
  6a4ad905ea9176a4098177aac30e4dca71ccdd93d4bbaa4d587262de1d8ebef6
- SHA512
  
  fbb0e2b33eb538cd7887f6321c7a53fd15f14a9b1f9a2171dcf486e05f6b6cfdd3bd7e8ac1f5439be81d4f71d4c90e1e4ce2a3273dde1d105deaa570b25c7006
- SSDEEP
  
  12288:bMlCHIWMOZkzNxP+KngRYq3Ocs5PFCJbjhK+pfyf0LIbSH:cCpZkiKngRYbcUYXhK+pfysLf
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2