emotet

General

Target

e8c46739ada4a92e23990fe78c900203e5d9576b9ffadbd4ab957ffd1da81ab6.exe
Size

60KB
Sample

241125-bldyaazncz
MD5

20549dde5500761eb7c8daa88f5a4b56
SHA1

c0901c8dc40553866d8bb643f6486d9edb44859f
SHA256

e8c46739ada4a92e23990fe78c900203e5d9576b9ffadbd4ab957ffd1da81ab6
SHA512

f9946c091a0d68ecde9e1b33fef372c704f79eb821852fd4388b10690f9da847a24be46467110a11501368fd0cc7dab61bc13321bf5b3bc04b2a144fcc4d2a95
SSDEEP

768:LKEgbXnp5TK0LR8n4oWPj/v5xkkro02iIUUcwORYF97mXYYDENjNUCom:10LOjA//0sUOY9qowiUCV

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

95.9.180.128:80

87.98.218.33:7080

192.187.99.90:8080

190.181.235.46:80

181.129.96.162:8080

172.104.169.32:8080

24.148.98.177:80

202.62.39.111:80

192.241.143.52:8080

51.255.165.160:8080

116.125.120.88:443

89.32.150.160:8080

209.236.123.42:8080

178.79.163.131:8080

191.182.6.118:80

177.66.190.130:80

87.106.46.107:8080

217.199.160.224:7080

66.228.49.173:8080

94.176.234.118:443

rsa_pubkey.plain

Targets

- Target
  
  e8c46739ada4a92e23990fe78c900203e5d9576b9ffadbd4ab957ffd1da81ab6.exe
- Size
  
  60KB
- MD5
  
  20549dde5500761eb7c8daa88f5a4b56
- SHA1
  
  c0901c8dc40553866d8bb643f6486d9edb44859f
- SHA256
  
  e8c46739ada4a92e23990fe78c900203e5d9576b9ffadbd4ab957ffd1da81ab6
- SHA512
  
  f9946c091a0d68ecde9e1b33fef372c704f79eb821852fd4388b10690f9da847a24be46467110a11501368fd0cc7dab61bc13321bf5b3bc04b2a144fcc4d2a95
- SSDEEP
  
  768:LKEgbXnp5TK0LR8n4oWPj/v5xkkro02iIUUcwORYF97mXYYDENjNUCom:10LOjA//0sUOY9qowiUCV
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2