emotet

General

Target

c51a5c9bf41dd55c5e14ad5a695563bb301f208c71ffebaeedb0e8ddb965bedc
Size

68KB
Sample

241123-dx1brstkal
MD5

5e7abb94e46ce829d475b8f27572f04b
SHA1

0f96a79e339061fb69162215ee763f42cb09c317
SHA256

c51a5c9bf41dd55c5e14ad5a695563bb301f208c71ffebaeedb0e8ddb965bedc
SHA512

3010e249ad34e8112ba26be8db3e1483b69fb7f4a636e00fee0f70f3951b936839ab43294b319934c4378ad0474a0776cfc8b2bcdff5e41daa278017c7d7161e
SSDEEP

1536:i2nOIwpO81j+ws/yLmlTZrUrO1NWx+3q:i2xgF8yLo3NLa

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

202.5.47.71:80

139.99.157.213:8080

188.166.25.84:8080

192.163.221.191:8080

181.113.229.139:443

115.79.195.246:80

113.161.148.81:80

37.46.129.215:8080

190.55.233.156:80

115.165.3.213:80

41.185.29.128:8080

51.38.201.19:7080

178.33.167.120:8080

46.105.131.68:8080

74.208.173.91:8080

143.95.101.72:8080

75.127.14.170:8080

78.188.170.128:80

115.78.11.155:80

203.153.216.182:7080

rsa_pubkey.plain

Targets

- Target
  
  c51a5c9bf41dd55c5e14ad5a695563bb301f208c71ffebaeedb0e8ddb965bedc
- Size
  
  68KB
- MD5
  
  5e7abb94e46ce829d475b8f27572f04b
- SHA1
  
  0f96a79e339061fb69162215ee763f42cb09c317
- SHA256
  
  c51a5c9bf41dd55c5e14ad5a695563bb301f208c71ffebaeedb0e8ddb965bedc
- SHA512
  
  3010e249ad34e8112ba26be8db3e1483b69fb7f4a636e00fee0f70f3951b936839ab43294b319934c4378ad0474a0776cfc8b2bcdff5e41daa278017c7d7161e
- SSDEEP
  
  1536:i2nOIwpO81j+ws/yLmlTZrUrO1NWx+3q:i2xgF8yLo3NLa
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2