emotet

General

Target

8e44126a2760353925f22894d09bc965baf47edc603528e00d79ad3926a5b7e5
Size

364KB
Sample

241121-a3tjma1qbr
MD5

7e316d56912d065941b084e126d55dd3
SHA1

b0d83c586c45fd9c0631f612aec8a03afd3fb7ec
SHA256

8e44126a2760353925f22894d09bc965baf47edc603528e00d79ad3926a5b7e5
SHA512

4f68b81a63b7e8ae88c27efd0d27e642f0050c0280cbe7d0f1de7c910d9773f2bccd9e6648c080de3afd77ba26520833704dfbb9ecc63e3019f86649fa3c5853
SSDEEP

6144:qRsMh9YQWtcgA70wgF7nJyV6CQK+kIVDRjudJMrt32fFcRmXIeJXjWMmAD:cvm9Y0HFLYRQKqV4epRmxAvAD

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

45.63.5.129:443

128.199.192.135:8080

51.178.61.60:443

168.197.250.14:80

177.72.80.14:7080

51.210.242.234:8080

142.4.219.173:8080

78.47.204.80:443

78.46.73.125:443

37.44.244.177:8080

37.59.209.141:8080

191.252.103.16:80

54.38.242.185:443

85.214.67.203:8080

217.182.143.207:443

159.69.237.188:443

210.57.209.142:8080

54.37.228.122:443

207.148.81.119:8080

195.77.239.39:8080

eck1.plain

ecs1.plain

Targets

- Target
  
  8e44126a2760353925f22894d09bc965baf47edc603528e00d79ad3926a5b7e5
- Size
  
  364KB
- MD5
  
  7e316d56912d065941b084e126d55dd3
- SHA1
  
  b0d83c586c45fd9c0631f612aec8a03afd3fb7ec
- SHA256
  
  8e44126a2760353925f22894d09bc965baf47edc603528e00d79ad3926a5b7e5
- SHA512
  
  4f68b81a63b7e8ae88c27efd0d27e642f0050c0280cbe7d0f1de7c910d9773f2bccd9e6648c080de3afd77ba26520833704dfbb9ecc63e3019f86649fa3c5853
- SSDEEP
  
  6144:qRsMh9YQWtcgA70wgF7nJyV6CQK+kIVDRjudJMrt32fFcRmXIeJXjWMmAD:cvm9Y0HFLYRQKqV4epRmxAvAD
Score

10^/10

emotet epoch5 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2