emotet

General

Target

3cd80091414dbefa7be8151c5f4639a63e165df15b7a5619510c6e628a75d532
Size

341KB
Sample

241123-1dd1ratngk
MD5

2b6472e536e1679058b9961c5eb0b5d5
SHA1

e28b6dbb387f1c2d9dc08ef670b7521c0fb65201
SHA256

3cd80091414dbefa7be8151c5f4639a63e165df15b7a5619510c6e628a75d532
SHA512

e7614c48c79e6b484c1a3351c44516587200a193db66323bb2ff1a67ff3c32f4716e125927329e5a5cfddd29cac83340c32b1986e474fd4b5018cd6231a63838
SSDEEP

6144:vxJyYjHgeJwLbsOVGhvRdNFPTjImtnhGlhNDpSCP8rppDc:L3q8+Grd/dhGvNDpSO8pA

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

208.180.207.205:80

167.114.153.111:8080

169.50.76.149:8080

87.106.136.232:8080

134.209.36.254:8080

110.145.77.103:80

61.19.246.238:443

218.147.193.146:80

194.4.58.192:7080

123.176.25.234:80

139.99.158.11:443

174.106.122.139:80

137.59.187.107:8080

37.187.72.193:8080

168.235.67.138:7080

190.108.228.27:443

139.59.60.244:8080

184.180.181.202:80

71.72.196.159:80

47.144.21.12:443

rsa_pubkey.plain

Targets

- Target
  
  3cd80091414dbefa7be8151c5f4639a63e165df15b7a5619510c6e628a75d532
- Size
  
  341KB
- MD5
  
  2b6472e536e1679058b9961c5eb0b5d5
- SHA1
  
  e28b6dbb387f1c2d9dc08ef670b7521c0fb65201
- SHA256
  
  3cd80091414dbefa7be8151c5f4639a63e165df15b7a5619510c6e628a75d532
- SHA512
  
  e7614c48c79e6b484c1a3351c44516587200a193db66323bb2ff1a67ff3c32f4716e125927329e5a5cfddd29cac83340c32b1986e474fd4b5018cd6231a63838
- SSDEEP
  
  6144:vxJyYjHgeJwLbsOVGhvRdNFPTjImtnhGlhNDpSCP8rppDc:L3q8+Grd/dhGvNDpSO8pA
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2