emotet

General

Target

065254df62dfc4426873abc52812202c044a72acc52099d6e109cfc2a695d3c4
Size

181KB
Sample

241121-ar61ksxdqj
MD5

b0d074d3f0e1e66f7b6e49dd3c9ad17d
SHA1

cd5e7ce4dd762d43baadd3412c157a6020ad66b3
SHA256

065254df62dfc4426873abc52812202c044a72acc52099d6e109cfc2a695d3c4
SHA512

e7133a211c0b48a94c5b3644f5523ab4465bf768c0b52aae300a0c14571d8b6145895414ee34613cfe4b54a941b1536cadc95ff0e6e7459228b8252d54c09c84
SSDEEP

3072:z9AumHNEwvbmo77hmvswQNsn/GVQp9Ee1NVev7U8glXzSXdCrcJ/il:z9AuqEcbN9mUwQNs/Ge0e1N4vuNOXn/

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

178.153.27.12:80

201.193.160.196:80

89.163.210.141:8080

139.162.10.249:8080

203.157.152.9:7080

70.32.89.105:8080

24.245.65.66:80

77.89.249.254:443

116.202.10.123:8080

120.51.34.254:80

110.172.180.180:8080

157.7.164.178:8081

91.75.75.46:80

192.210.217.94:8080

78.90.78.210:80

190.18.184.113:80

180.52.66.193:80

188.166.220.180:7080

139.59.61.215:443

157.245.145.87:443

rsa_pubkey.plain

Targets

- Target
  
  065254df62dfc4426873abc52812202c044a72acc52099d6e109cfc2a695d3c4
- Size
  
  181KB
- MD5
  
  b0d074d3f0e1e66f7b6e49dd3c9ad17d
- SHA1
  
  cd5e7ce4dd762d43baadd3412c157a6020ad66b3
- SHA256
  
  065254df62dfc4426873abc52812202c044a72acc52099d6e109cfc2a695d3c4
- SHA512
  
  e7133a211c0b48a94c5b3644f5523ab4465bf768c0b52aae300a0c14571d8b6145895414ee34613cfe4b54a941b1536cadc95ff0e6e7459228b8252d54c09c84
- SSDEEP
  
  3072:z9AumHNEwvbmo77hmvswQNsn/GVQp9Ee1NVev7U8glXzSXdCrcJ/il:z9AuqEcbN9mUwQNs/Ge0e1N4vuNOXn/
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2