emotet

General

Target

e71a2121a8a8ce4e094245443deed21c99f20bf3dea7ed00e374c3e6b0824b48
Size

588KB
Sample

241121-avafsa1nfq
MD5

3946a1a2e6f1062af2a3541a4cb0ac64
SHA1

2e44846a04e8a415f487ee65392bb32f040ba04a
SHA256

e71a2121a8a8ce4e094245443deed21c99f20bf3dea7ed00e374c3e6b0824b48
SHA512

77a737412ff112f4c56f5e48308338f141e03d2d4cc4461a8a65a410454af6b7adf5a8dac2c2ca72041e8447999f700b3437428f4da1b2cdf03f0dcc229bf327
SSDEEP

12288:1Z1WUafDtia8E2jCm88E7otvY4PjmMPEPH10Zm:1Z1WUMtiZd88E7oBY0jJG0Zm

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

66.61.94.36:80

159.203.232.29:8080

185.86.148.68:443

74.208.173.91:8080

37.70.131.107:80

212.156.133.218:80

81.17.93.134:80

203.153.216.182:7080

115.79.195.246:80

115.165.3.213:80

216.75.37.196:8080

81.214.253.80:443

192.241.220.183:8080

172.96.190.154:8080

195.201.56.70:8080

105.213.67.88:80

50.116.78.109:8080

188.166.25.84:8080

187.64.128.197:80

198.57.203.63:8080

rsa_pubkey.plain

Targets

- Target
  
  e71a2121a8a8ce4e094245443deed21c99f20bf3dea7ed00e374c3e6b0824b48
- Size
  
  588KB
- MD5
  
  3946a1a2e6f1062af2a3541a4cb0ac64
- SHA1
  
  2e44846a04e8a415f487ee65392bb32f040ba04a
- SHA256
  
  e71a2121a8a8ce4e094245443deed21c99f20bf3dea7ed00e374c3e6b0824b48
- SHA512
  
  77a737412ff112f4c56f5e48308338f141e03d2d4cc4461a8a65a410454af6b7adf5a8dac2c2ca72041e8447999f700b3437428f4da1b2cdf03f0dcc229bf327
- SSDEEP
  
  12288:1Z1WUafDtia8E2jCm88E7otvY4PjmMPEPH10Zm:1Z1WUMtiZd88E7oBY0jJG0Zm
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2