emotet

General

Target

e0bb5f61714515656e31fee7024fe30bfabcc93feda68e4fa198e03ce5547078N.exe
Size

57KB
Sample

241127-labnwstphl
MD5

fa7a97134b837219e5c7cf13664bb5a0
SHA1

a07ae4fd4c158d4b31f7e9c264918baa9cd3ef93
SHA256

e0bb5f61714515656e31fee7024fe30bfabcc93feda68e4fa198e03ce5547078
SHA512

3c39fbea9af4fab8ff60d38dfb2489fd124cb17f4cce6e5207335d069fe97a5c83a3f9b45b407e3f1b52a44f5b5df728485219d60b6b2b1ea0421a648041501a
SSDEEP

768:qLo2dWDwX1fFFbd2H1A5Y20N5L2TMqg5TZfuvZyx7A8xlnEJxoFw0ctLTRSg30ut:AnW8X1fFFbQcYNWvSA8fnGxWw0c6uJR

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

174.113.69.136:80

51.38.124.206:80

82.196.15.205:8080

38.88.126.202:8080

190.115.18.139:8080

98.13.75.196:80

181.30.61.163:443

82.76.111.249:443

181.129.96.162:8080

74.58.215.226:80

68.69.155.181:80

188.135.15.49:80

190.163.31.26:80

50.121.220.50:80

51.159.23.217:443

2.47.112.152:80

185.215.227.107:443

217.13.106.14:8080

70.32.115.157:8080

170.81.48.2:80

rsa_pubkey.plain

Targets

- Target
  
  e0bb5f61714515656e31fee7024fe30bfabcc93feda68e4fa198e03ce5547078N.exe
- Size
  
  57KB
- MD5
  
  fa7a97134b837219e5c7cf13664bb5a0
- SHA1
  
  a07ae4fd4c158d4b31f7e9c264918baa9cd3ef93
- SHA256
  
  e0bb5f61714515656e31fee7024fe30bfabcc93feda68e4fa198e03ce5547078
- SHA512
  
  3c39fbea9af4fab8ff60d38dfb2489fd124cb17f4cce6e5207335d069fe97a5c83a3f9b45b407e3f1b52a44f5b5df728485219d60b6b2b1ea0421a648041501a
- SSDEEP
  
  768:qLo2dWDwX1fFFbd2H1A5Y20N5L2TMqg5TZfuvZyx7A8xlnEJxoFw0ctLTRSg30ut:AnW8X1fFFbQcYNWvSA8fnGxWw0c6uJR
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2