emotet

General

Target

36dd0aa3a982b55dd7e1d478dda4eb8eb8e872d72ebdfb24f9628ab817133f4f
Size

100KB
Sample

241125-z6hnzawrfx
MD5

9fa705b48b57403788517182438eb5fa
SHA1

697abdbbf1c3540a47a96c957bccb3a282be2c44
SHA256

36dd0aa3a982b55dd7e1d478dda4eb8eb8e872d72ebdfb24f9628ab817133f4f
SHA512

212fddb200769a340e3a4b14d4841916e7753741e9652a74cad3e81010c10d83d60dfddd98c087fd4859e5dbd81839b4baeb5bb9b3b063c49d2a40ef3a1cb01c
SSDEEP

1536:8nWLrcvKse5neQTGHfR1l4bhq9nV60+1ZQy/D/C9qBPDWqvbf2q8t:7wyb58nL+AV9qRWqvF

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

221.147.142.214:80

188.40.170.197:80

51.38.50.144:8080

46.22.116.163:7080

190.151.5.131:443

58.27.215.3:8080

179.5.118.12:80

73.100.19.104:80

192.210.217.94:8080

192.163.221.191:8080

103.93.220.182:80

91.213.106.100:8080

190.192.39.136:80

115.79.59.157:80

190.164.135.81:80

91.83.93.103:443

188.166.220.180:7080

116.202.10.123:8080

36.91.44.183:80

77.74.78.80:443

rsa_pubkey.plain

Targets

- Target
  
  36dd0aa3a982b55dd7e1d478dda4eb8eb8e872d72ebdfb24f9628ab817133f4f
- Size
  
  100KB
- MD5
  
  9fa705b48b57403788517182438eb5fa
- SHA1
  
  697abdbbf1c3540a47a96c957bccb3a282be2c44
- SHA256
  
  36dd0aa3a982b55dd7e1d478dda4eb8eb8e872d72ebdfb24f9628ab817133f4f
- SHA512
  
  212fddb200769a340e3a4b14d4841916e7753741e9652a74cad3e81010c10d83d60dfddd98c087fd4859e5dbd81839b4baeb5bb9b3b063c49d2a40ef3a1cb01c
- SSDEEP
  
  1536:8nWLrcvKse5neQTGHfR1l4bhq9nV60+1ZQy/D/C9qBPDWqvbf2q8t:7wyb58nL+AV9qRWqvF
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2