emotet

General

Target

0f93f179d9a16f0cce81b1dd8124d9efa4dec30ccf540826e14893e58936ad9d
Size

464KB
Sample

241121-a5hvxaxkbw
MD5

cb5b18504289e907d4eae96aee43f836
SHA1

47eb38f7ee87751ab32ce69c21eb71041cad9b56
SHA256

0f93f179d9a16f0cce81b1dd8124d9efa4dec30ccf540826e14893e58936ad9d
SHA512

8edf7eaea447158f4fb0779cc9870fa3e2fa3e51fd100bb7e828058ec1c0029bd36ca596b57bce5993aa1beffd011861f7ef3121b5724fc09b9b23fbf3dbc061
SSDEEP

12288:zvLYew4pGNw6qs7hYufnDtbKGjU0rEP/J:rEskNl77h/Dtbhjno

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

176.216.226.44:80

159.203.232.29:8080

185.86.148.68:443

87.106.231.60:8080

113.161.148.81:80

78.189.60.109:443

192.163.221.191:8080

31.146.61.34:80

37.70.131.107:80

153.220.182.49:80

177.144.130.105:443

181.167.35.84:80

202.5.47.71:80

192.241.220.183:8080

78.188.170.128:80

182.176.95.147:80

87.252.100.28:80

115.78.11.155:80

212.156.133.218:80

203.153.216.178:7080

rsa_pubkey.plain

Targets

- Target
  
  0f93f179d9a16f0cce81b1dd8124d9efa4dec30ccf540826e14893e58936ad9d
- Size
  
  464KB
- MD5
  
  cb5b18504289e907d4eae96aee43f836
- SHA1
  
  47eb38f7ee87751ab32ce69c21eb71041cad9b56
- SHA256
  
  0f93f179d9a16f0cce81b1dd8124d9efa4dec30ccf540826e14893e58936ad9d
- SHA512
  
  8edf7eaea447158f4fb0779cc9870fa3e2fa3e51fd100bb7e828058ec1c0029bd36ca596b57bce5993aa1beffd011861f7ef3121b5724fc09b9b23fbf3dbc061
- SSDEEP
  
  12288:zvLYew4pGNw6qs7hYufnDtbKGjU0rEP/J:rEskNl77h/Dtbhjno
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2