emotet

General

Target

3c284c5f468ac55777f207902a3232510f6323f6b5d2c29f7dfd89f0a97a447cN.exe
Size

308KB
Sample

241124-p67yrazqcz
MD5

b3ee52a142fcad7e7d029b9f5ae35880
SHA1

76b81bd2b645feb7162ff46d535d37c98ebe54ba
SHA256

3c284c5f468ac55777f207902a3232510f6323f6b5d2c29f7dfd89f0a97a447c
SHA512

90d1b24bf852af0311eeb9f07b21689dc2699697d8f65df6485022a14bdf459eff2e79f7771c3f9d45dbd386d2e38e824bb78f6d507cc71bd6de0bd17fcb2d16
SSDEEP

6144:PqfI2dK4las/gMXzGnZq/Tdb37jqy9o1KPl7TMSa:PqfIJ4lxgMXyUEu8WBY

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

173.94.215.84:80

85.25.207.108:8080

178.128.14.92:8080

60.125.114.64:443

181.126.54.234:80

157.7.164.178:8081

95.216.205.155:8080

216.75.37.196:8080

179.62.238.49:80

71.57.180.213:80

172.96.190.154:8080

112.78.142.170:80

178.238.232.46:443

177.144.130.105:443

105.209.235.113:8080

46.105.131.68:8080

185.86.148.68:443

143.95.101.72:8080

75.127.14.170:8080

168.0.97.6:80

rsa_pubkey.plain

Targets

- Target
  
  3c284c5f468ac55777f207902a3232510f6323f6b5d2c29f7dfd89f0a97a447cN.exe
- Size
  
  308KB
- MD5
  
  b3ee52a142fcad7e7d029b9f5ae35880
- SHA1
  
  76b81bd2b645feb7162ff46d535d37c98ebe54ba
- SHA256
  
  3c284c5f468ac55777f207902a3232510f6323f6b5d2c29f7dfd89f0a97a447c
- SHA512
  
  90d1b24bf852af0311eeb9f07b21689dc2699697d8f65df6485022a14bdf459eff2e79f7771c3f9d45dbd386d2e38e824bb78f6d507cc71bd6de0bd17fcb2d16
- SSDEEP
  
  6144:PqfI2dK4las/gMXzGnZq/Tdb37jqy9o1KPl7TMSa:PqfIJ4lxgMXyUEu8WBY
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2