emotet

General

Target

e31504a97d4b1678a461ee08fe27606e41f1f5919d1c2bc3e240fcd571167e1b.exe
Size

964KB
Sample

241205-l494jszkex
MD5

12dce6b95ea2fcf61bc185db89e70f78
SHA1

0a009f7b21eb94cd948c701c0ea3de5480ee8c4e
SHA256

e31504a97d4b1678a461ee08fe27606e41f1f5919d1c2bc3e240fcd571167e1b
SHA512

5e29b3c0084bfa48abd1a5b59cb5b3e6877f489408ed823144f221b160120a42788916cedc98eb7ba837c11797adffc5bb6d2e4463f8a371d3ab0cb3346ed62f
SSDEEP

24576:xjdcxJOPnszNXEwTMDxfurQaDA9RXp2Rb1Uj:DoAPnsNXEwQDxfEQ9xGRUj

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

184.180.181.202:80

169.50.76.149:8080

162.241.140.129:8080

104.131.123.136:443

194.187.133.160:443

71.15.245.148:8080

37.139.21.175:8080

104.131.11.150:443

118.83.154.64:443

24.137.76.62:80

79.137.83.50:443

69.206.132.149:80

110.142.236.207:80

123.176.25.234:80

120.150.60.189:80

209.54.13.14:80

95.213.236.64:8080

209.141.54.221:8080

96.245.227.43:80

87.106.139.101:8080

rsa_pubkey.plain

Targets

- Target
  
  e31504a97d4b1678a461ee08fe27606e41f1f5919d1c2bc3e240fcd571167e1b.exe
- Size
  
  964KB
- MD5
  
  12dce6b95ea2fcf61bc185db89e70f78
- SHA1
  
  0a009f7b21eb94cd948c701c0ea3de5480ee8c4e
- SHA256
  
  e31504a97d4b1678a461ee08fe27606e41f1f5919d1c2bc3e240fcd571167e1b
- SHA512
  
  5e29b3c0084bfa48abd1a5b59cb5b3e6877f489408ed823144f221b160120a42788916cedc98eb7ba837c11797adffc5bb6d2e4463f8a371d3ab0cb3346ed62f
- SSDEEP
  
  24576:xjdcxJOPnszNXEwTMDxfurQaDA9RXp2Rb1Uj:DoAPnsNXEwQDxfEQ9xGRUj
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2