emotet

General

Target

eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3
Size

648KB
Sample

241124-fgyjca1mbl
MD5

801b81e7e9f9518eefffd23394c76b6c
SHA1

652a79ae8c1e34150cc80b2c7fbd8d31071fddf7
SHA256

eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3
SHA512

69e8a436ba6f56db8f9c1c29afa4d45bcb48ab93a04972620011802bd8c8420e47ff4d9fdef195b693a6dcb5cb8a0b2c7e27dc7e8c011a9ccaf4e860851d46c3
SSDEEP

12288:knPmLtqW5lhR5p/gCshHmtERp9kWEPEyuzXNSErQUIKfzAh73:kP0E2hpgCshHmts9dNSILIKbAh73

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

138.201.142.73:8080

138.197.147.101:443

134.195.212.50:7080

104.168.154.79:8080

149.56.131.28:8080

129.232.188.93:443

212.24.98.99:8080

119.193.124.41:7080

45.118.115.99:8080

188.44.20.25:443

103.132.242.26:8080

201.94.166.162:443

1.234.21.73:7080

206.189.28.199:8080

185.8.212.130:7080

82.165.152.127:8080

176.104.106.96:8080

173.212.193.249:8080

167.99.115.35:8080

209.126.98.206:8080

eck1.plain

ecs1.plain

Targets

- Target
  
  eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3
- Size
  
  648KB
- MD5
  
  801b81e7e9f9518eefffd23394c76b6c
- SHA1
  
  652a79ae8c1e34150cc80b2c7fbd8d31071fddf7
- SHA256
  
  eeb56d359c6ae7c34d9b7cd0241155ddc84aaeecf7aeb338e6c1bfa5e47868c3
- SHA512
  
  69e8a436ba6f56db8f9c1c29afa4d45bcb48ab93a04972620011802bd8c8420e47ff4d9fdef195b693a6dcb5cb8a0b2c7e27dc7e8c011a9ccaf4e860851d46c3
- SSDEEP
  
  12288:knPmLtqW5lhR5p/gCshHmtERp9kWEPEyuzXNSErQUIKfzAh73:kP0E2hpgCshHmts9dNSILIKbAh73
Score

10^/10

emotet epoch4 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2