emotet

General

Target

dbdb6adc78ad19706179a8584f81f0832e620f7b59d60d7707981a56e996c739.exe
Size

60KB
Sample

241124-s8mblssqar
MD5

b05a6938adfad590fb1d614440e8dd1f
SHA1

b417cc32d29546f346a078ef8460e48791fe1581
SHA256

dbdb6adc78ad19706179a8584f81f0832e620f7b59d60d7707981a56e996c739
SHA512

efc9928f243ddc74f367a01f06e8b9c4dc51959b4da939f5c45e5ff3f503d73ee2efc5a9494d52c896509d0dd6640601956e9649431183294bd099451e9d7ab4
SSDEEP

1536:t0LOjAh58gCsdJL6jYFO2sZgKW+Vf2r4Cl:vjAhYsdF6jAO2xp+VVCl

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

107.185.211.16:80

96.8.113.4:8080

153.126.210.205:7080

47.146.117.214:80

104.131.44.150:8080

169.239.182.217:8080

95.179.229.244:8080

209.182.216.177:443

209.141.54.221:8080

5.196.74.210:8080

72.12.127.184:443

104.131.11.150:443

200.55.243.138:8080

116.203.32.252:8080

142.105.151.124:443

81.2.235.111:8080

74.120.55.163:80

167.86.90.214:8080

87.106.139.101:8080

37.139.21.175:8080

rsa_pubkey.plain

Targets

- Target
  
  dbdb6adc78ad19706179a8584f81f0832e620f7b59d60d7707981a56e996c739.exe
- Size
  
  60KB
- MD5
  
  b05a6938adfad590fb1d614440e8dd1f
- SHA1
  
  b417cc32d29546f346a078ef8460e48791fe1581
- SHA256
  
  dbdb6adc78ad19706179a8584f81f0832e620f7b59d60d7707981a56e996c739
- SHA512
  
  efc9928f243ddc74f367a01f06e8b9c4dc51959b4da939f5c45e5ff3f503d73ee2efc5a9494d52c896509d0dd6640601956e9649431183294bd099451e9d7ab4
- SSDEEP
  
  1536:t0LOjAh58gCsdJL6jYFO2sZgKW+Vf2r4Cl:vjAhYsdF6jAO2xp+VVCl
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2