emotet

General

Target

1d8ed69b6410978db8703c9bbef2c82dae6f8075b80f9d2f8ccbcff75e0fa9d7
Size

588KB
Sample

241121-ajrkxs1lfl
MD5

1f07798df38f6f469e5d7cc1520c793f
SHA1

92e731aeab391c210c14dc016f50f45d5da95855
SHA256

1d8ed69b6410978db8703c9bbef2c82dae6f8075b80f9d2f8ccbcff75e0fa9d7
SHA512

8c86832aa2225c5f0912a6f57d341168cd023302d7d57b967f315d886ccdf924df37f81ac3406ebc209e3511dda8b1ea887341aa2ea2f09344cdf610cfc8d0e2
SSDEEP

12288:CZ1WUafDtia8E2jCm88E7otvY4PjmMPEPH10Km:CZ1WUMtiZd88E7oBY0jJG0Km

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

66.61.94.36:80

159.203.232.29:8080

185.86.148.68:443

74.208.173.91:8080

37.70.131.107:80

212.156.133.218:80

81.17.93.134:80

203.153.216.182:7080

115.79.195.246:80

115.165.3.213:80

216.75.37.196:8080

81.214.253.80:443

192.241.220.183:8080

172.96.190.154:8080

195.201.56.70:8080

105.213.67.88:80

50.116.78.109:8080

188.166.25.84:8080

187.64.128.197:80

198.57.203.63:8080

rsa_pubkey.plain

Targets

- Target
  
  1d8ed69b6410978db8703c9bbef2c82dae6f8075b80f9d2f8ccbcff75e0fa9d7
- Size
  
  588KB
- MD5
  
  1f07798df38f6f469e5d7cc1520c793f
- SHA1
  
  92e731aeab391c210c14dc016f50f45d5da95855
- SHA256
  
  1d8ed69b6410978db8703c9bbef2c82dae6f8075b80f9d2f8ccbcff75e0fa9d7
- SHA512
  
  8c86832aa2225c5f0912a6f57d341168cd023302d7d57b967f315d886ccdf924df37f81ac3406ebc209e3511dda8b1ea887341aa2ea2f09344cdf610cfc8d0e2
- SSDEEP
  
  12288:CZ1WUafDtia8E2jCm88E7otvY4PjmMPEPH10Km:CZ1WUMtiZd88E7oBY0jJG0Km
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2