emotet

General

Target

a7319d18937444ae3c23f7cf794c10c8380ef75d00655958ee178751f6bdd250
Size

336KB
Sample

241121-aeka2swnft
MD5

bb1df96b9a8b9a3b231e8c7955fdcd16
SHA1

63eed97b3afd9f61b7affd1eca07351b7fe9b07a
SHA256

a7319d18937444ae3c23f7cf794c10c8380ef75d00655958ee178751f6bdd250
SHA512

3a0aaae30ca04e99a4e6c8d8d23e5a7e9473458dc8312385fdacc68d649eec24b54e787c2b16060f9aee9c97ffda376919eb3330f2269adc2d3c9193a8281875
SSDEEP

6144:Sr7hkhceL5b+ZTTTBx+Dqn9iin9dgn9BvirtToOGtT4Px47:Sn0L8TTTBx+Dqn9iin9dgn9BvitGe5w

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

177.130.51.198:80

91.121.87.90:8080

104.131.144.215:8080

188.226.165.170:8080

2.58.16.86:8080

79.133.6.236:8080

125.200.20.233:80

109.206.139.119:80

188.40.170.197:80

121.117.147.153:443

221.147.142.214:80

88.247.58.26:80

37.205.9.252:7080

213.165.178.214:80

27.83.209.210:443

24.231.51.190:80

192.210.217.94:8080

123.216.134.52:80

179.5.118.12:80

103.80.51.61:8080

rsa_pubkey.plain

Targets

- Target
  
  a7319d18937444ae3c23f7cf794c10c8380ef75d00655958ee178751f6bdd250
- Size
  
  336KB
- MD5
  
  bb1df96b9a8b9a3b231e8c7955fdcd16
- SHA1
  
  63eed97b3afd9f61b7affd1eca07351b7fe9b07a
- SHA256
  
  a7319d18937444ae3c23f7cf794c10c8380ef75d00655958ee178751f6bdd250
- SHA512
  
  3a0aaae30ca04e99a4e6c8d8d23e5a7e9473458dc8312385fdacc68d649eec24b54e787c2b16060f9aee9c97ffda376919eb3330f2269adc2d3c9193a8281875
- SSDEEP
  
  6144:Sr7hkhceL5b+ZTTTBx+Dqn9iin9dgn9BvirtToOGtT4Px47:Sn0L8TTTBx+Dqn9iin9dgn9BvitGe5w
Score

10^/10

discovery emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2