emotet

General

Target

08ec9f7a2290b11d5ec547336893fff48b22f20ce1d3347a58094a34e10fc17a
Size

476KB
Sample

241229-yaef1awkh1
MD5

520ece4e673d15e7ceb122be96b24fa8
SHA1

9d5f92dcf063dfd93c6adad45a01ce8880f93c8d
SHA256

08ec9f7a2290b11d5ec547336893fff48b22f20ce1d3347a58094a34e10fc17a
SHA512

fdadd6682431510a1163953cda7777491359eb92b85ed90dec78f65c251213b670df47e2b23d304fa78aa8f25899333d99ac488bfcd764c254837d357459f093
SSDEEP

6144:ZyJebXsaxJylj7wURe4bdV6t23Yy7XihO6+edQA19ouYfITfRWiQEyD6pmJTZNUQ:ZyJ+LyljkURe4batiXPHW+dZ

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

68.44.137.144:443

82.223.70.24:8080

101.187.104.105:80

178.20.74.212:80

98.15.140.226:80

209.97.168.52:8080

74.208.45.104:8080

169.239.182.217:8080

176.111.60.55:8080

87.106.136.232:8080

46.105.131.69:443

93.51.50.171:8080

62.75.187.192:8080

185.94.252.104:443

190.160.53.126:80

50.116.86.205:8080

80.102.134.174:8080

110.145.77.103:80

113.160.130.116:8443

60.130.173.117:80

rsa_pubkey.plain

1
-----BEGIN PUBLIC KEY-----
2
MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhANQOcBKvh5xEW7VcJ9totsjdBwuAclxS
3
Q0e09fk8V053lktpW3TRrzAW63yt6j1KWnyxMrU3igFXypBoI4lVNmkje4UPtIIS
4
fkzjEIvG1v/ZNn1k0J0PfFTxbFFeUEs3AwIDAQAB
5
-----END PUBLIC KEY-----

Targets

- Target
  
  08ec9f7a2290b11d5ec547336893fff48b22f20ce1d3347a58094a34e10fc17a
- Size
  
  476KB
- MD5
  
  520ece4e673d15e7ceb122be96b24fa8
- SHA1
  
  9d5f92dcf063dfd93c6adad45a01ce8880f93c8d
- SHA256
  
  08ec9f7a2290b11d5ec547336893fff48b22f20ce1d3347a58094a34e10fc17a
- SHA512
  
  fdadd6682431510a1163953cda7777491359eb92b85ed90dec78f65c251213b670df47e2b23d304fa78aa8f25899333d99ac488bfcd764c254837d357459f093
- SSDEEP
  
  6144:ZyJebXsaxJylj7wURe4bdV6t23Yy7XihO6+edQA19ouYfITfRWiQEyD6pmJTZNUQ:ZyJ+LyljkURe4batiXPHW+dZ
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.