emotet

General

Target

2e282315ebda9b95db02d549ce310f4d44d8d3ee5fb8871bba857c26810236df.exe
Size

392KB
Sample

241125-2llagazngv
MD5

40ce15929c26390022c45453643b2902
SHA1

25f4466b083dafb99b4d21234464503c3d361cfd
SHA256

2e282315ebda9b95db02d549ce310f4d44d8d3ee5fb8871bba857c26810236df
SHA512

eb3a4b675735f09758347c26cecb6be5e1b1dd1668974d06ff2c47bf32f74f02fc47c508c0d984137903942b0ec3338fe6c4420682be80b90913172c3217c566
SSDEEP

6144:hsAXvtkXZjPfQ72jfw9LZ3fUIKonW1WAEgjrqVhZbiQ6OiWa:hZftkJjXCU8Z3cfoIEqc6r

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

73.116.193.136:80

185.94.252.13:443

149.62.173.247:8080

89.32.150.160:8080

185.94.252.12:80

77.90.136.129:8080

83.169.21.32:7080

104.236.161.64:8080

114.109.179.60:80

189.2.177.210:443

68.183.190.199:8080

144.139.91.187:443

185.94.252.27:443

190.181.235.46:80

82.196.15.205:8080

46.28.111.142:7080

181.167.96.215:80

202.62.39.111:80

219.92.13.25:80

191.99.160.58:80

rsa_pubkey.plain

Targets

- Target
  
  2e282315ebda9b95db02d549ce310f4d44d8d3ee5fb8871bba857c26810236df.exe
- Size
  
  392KB
- MD5
  
  40ce15929c26390022c45453643b2902
- SHA1
  
  25f4466b083dafb99b4d21234464503c3d361cfd
- SHA256
  
  2e282315ebda9b95db02d549ce310f4d44d8d3ee5fb8871bba857c26810236df
- SHA512
  
  eb3a4b675735f09758347c26cecb6be5e1b1dd1668974d06ff2c47bf32f74f02fc47c508c0d984137903942b0ec3338fe6c4420682be80b90913172c3217c566
- SSDEEP
  
  6144:hsAXvtkXZjPfQ72jfw9LZ3fUIKonW1WAEgjrqVhZbiQ6OiWa:hZftkJjXCU8Z3cfoIEqc6r
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2