emotet

General

Target

dfeec762df1f047ca5370655b4a072086aa743098a194f9e468e3b17062cdb19.exe
Size

64KB
Sample

241123-fe873aymgx
MD5

9cb652ab14de2eb9e474cba9e8459ba5
SHA1

e2a958f89cfb495c6565b0253a51eb39acd147ce
SHA256

dfeec762df1f047ca5370655b4a072086aa743098a194f9e468e3b17062cdb19
SHA512

fa1d92039dea91ab0f3c84a8cd2a4a73a0b3ded0266682036eb8251c5afb8f2532a39c103ffd88b3d1f7271f633cdb68130b0faf0e9f3a4690c829889a5e6c6b
SSDEEP

1536:2wh9KdifpWDUuNcUksp8FrSZoG76QwVy5:2wh9KdifINWilbN5

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

179.60.229.168:443

185.94.252.13:443

189.218.165.63:80

77.90.136.129:8080

217.199.160.224:7080

104.131.41.185:8080

2.47.112.152:80

185.94.252.27:443

186.250.52.226:8080

51.255.165.160:8080

68.183.170.114:8080

191.99.160.58:80

104.131.103.37:8080

181.31.211.181:80

202.62.39.111:80

83.169.21.32:7080

87.106.46.107:8080

72.47.248.48:7080

177.75.143.112:443

190.17.195.202:80

rsa_pubkey.plain

Targets

- Target
  
  dfeec762df1f047ca5370655b4a072086aa743098a194f9e468e3b17062cdb19.exe
- Size
  
  64KB
- MD5
  
  9cb652ab14de2eb9e474cba9e8459ba5
- SHA1
  
  e2a958f89cfb495c6565b0253a51eb39acd147ce
- SHA256
  
  dfeec762df1f047ca5370655b4a072086aa743098a194f9e468e3b17062cdb19
- SHA512
  
  fa1d92039dea91ab0f3c84a8cd2a4a73a0b3ded0266682036eb8251c5afb8f2532a39c103ffd88b3d1f7271f633cdb68130b0faf0e9f3a4690c829889a5e6c6b
- SSDEEP
  
  1536:2wh9KdifpWDUuNcUksp8FrSZoG76QwVy5:2wh9KdifINWilbN5
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2