emotet

General

Target

2dfa9d7922f9269de94b2f4caf65510a19865dd16b08464afe4640c30fa2c893
Size

64KB
Sample

241121-ahmwcaxckr
MD5

539c6226d7ef4bacfaf607acf676c3fc
SHA1

33940b85e67a0eaac00b46e845b46357e97d0ff8
SHA256

2dfa9d7922f9269de94b2f4caf65510a19865dd16b08464afe4640c30fa2c893
SHA512

36de6be6a992535ba7f0addececc2ea3bfe5c9f30d6b31a26a3b9132b806859b557775802aecef55c52063e2e5cc6abb990dd5e852092b119f5db819b545739a
SSDEEP

1536:Lwh9NgpdpWDUuNcUksp8FrSZoG76QwVy:Lwh9IdINWilbN

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

179.60.229.168:443

185.94.252.13:443

189.218.165.63:80

77.90.136.129:8080

217.199.160.224:7080

104.131.41.185:8080

2.47.112.152:80

185.94.252.27:443

186.250.52.226:8080

51.255.165.160:8080

68.183.170.114:8080

191.99.160.58:80

104.131.103.37:8080

181.31.211.181:80

202.62.39.111:80

83.169.21.32:7080

87.106.46.107:8080

72.47.248.48:7080

177.75.143.112:443

190.17.195.202:80

rsa_pubkey.plain

Targets

- Target
  
  2dfa9d7922f9269de94b2f4caf65510a19865dd16b08464afe4640c30fa2c893
- Size
  
  64KB
- MD5
  
  539c6226d7ef4bacfaf607acf676c3fc
- SHA1
  
  33940b85e67a0eaac00b46e845b46357e97d0ff8
- SHA256
  
  2dfa9d7922f9269de94b2f4caf65510a19865dd16b08464afe4640c30fa2c893
- SHA512
  
  36de6be6a992535ba7f0addececc2ea3bfe5c9f30d6b31a26a3b9132b806859b557775802aecef55c52063e2e5cc6abb990dd5e852092b119f5db819b545739a
- SSDEEP
  
  1536:Lwh9NgpdpWDUuNcUksp8FrSZoG76QwVy:Lwh9IdINWilbN
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2