emotet

General

Target

3f7dc3b4c0cf68b55dc09cf6a53ac2fcb04cb050c30252f6f6cbdc882b65c657
Size

923KB
Sample

241123-1g7ggatqdq
MD5

e65f609ac92b1ba8ce58ac67c74bfc5f
SHA1

cc7d11c312f3b95c9e13fb00b979ccbb4a56c639
SHA256

3f7dc3b4c0cf68b55dc09cf6a53ac2fcb04cb050c30252f6f6cbdc882b65c657
SHA512

006dd99222f0af36332531ce46847c58c21065a1ccb51fa3eba2033ea66ead85bb6b79cd41c90a6561638bb8872491a8df3239bb52bb5ccfcbe6816911dbc3a0
SSDEEP

12288:HMlCHIWMOZkzNxP+KngRYq3Ocs5PFCJbjhK+pfhf0Lvmq:ACpZkiKngRYbcUYXhK+pfhsL3

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

187.64.128.197:80

198.57.203.63:8080

163.172.107.70:8080

212.112.113.235:80

157.7.164.178:8081

181.167.35.84:80

212.156.133.218:80

185.142.236.163:443

181.143.101.19:8080

75.127.14.170:8080

115.165.3.213:80

190.55.233.156:80

139.59.12.63:8080

144.139.91.187:80

37.70.131.107:80

181.113.229.139:443

41.185.29.128:8080

177.37.81.212:443

5.79.70.250:8080

78.188.170.128:80

rsa_pubkey.plain

Targets

- Target
  
  3f7dc3b4c0cf68b55dc09cf6a53ac2fcb04cb050c30252f6f6cbdc882b65c657
- Size
  
  923KB
- MD5
  
  e65f609ac92b1ba8ce58ac67c74bfc5f
- SHA1
  
  cc7d11c312f3b95c9e13fb00b979ccbb4a56c639
- SHA256
  
  3f7dc3b4c0cf68b55dc09cf6a53ac2fcb04cb050c30252f6f6cbdc882b65c657
- SHA512
  
  006dd99222f0af36332531ce46847c58c21065a1ccb51fa3eba2033ea66ead85bb6b79cd41c90a6561638bb8872491a8df3239bb52bb5ccfcbe6816911dbc3a0
- SSDEEP
  
  12288:HMlCHIWMOZkzNxP+KngRYq3Ocs5PFCJbjhK+pfhf0Lvmq:ACpZkiKngRYbcUYXhK+pfhsL3
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2