emotet

General

Target

0ff598a347b0948645255c3097f17a00e86453003e3f1c5df997c57a73078a08N.exe
Size

150KB
Sample

250110-zydp2sxmct
MD5

5fa42759143295fde3336b347281de80
SHA1

b847b0a5d9291ab37053a5efeb05f1de1aef01a3
SHA256

0ff598a347b0948645255c3097f17a00e86453003e3f1c5df997c57a73078a08
SHA512

2910a3d9ec4a7c1c7690ee99a67ffc235dd60ad9b609eef7de5eca0be79bcae6c899ee1efbaa12ccc2ed08f5edc32c9ff9aad7610458d8ed4bb8b8c8b0f211a4
SSDEEP

3072:27wk52aD1V/3sc6OtoCiQLn6DYW8W9RVBHniL9X+f:27lDX/H6XCicn69RVBHi

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

49.243.9.118:80

167.71.227.113:8080

190.85.46.52:7080

162.144.42.60:8080

86.57.216.23:80

202.166.170.43:80

118.243.83.70:80

36.91.44.183:80

118.33.121.37:80

116.202.10.123:8080

113.193.239.51:443

169.1.211.133:80

192.163.221.191:8080

115.79.59.157:80

51.38.201.19:7080

45.177.120.37:8080

190.194.12.132:80

185.80.172.199:80

128.106.187.110:80

73.55.128.120:80

rsa_pubkey.plain

Targets

- Target
  
  0ff598a347b0948645255c3097f17a00e86453003e3f1c5df997c57a73078a08N.exe
- Size
  
  150KB
- MD5
  
  5fa42759143295fde3336b347281de80
- SHA1
  
  b847b0a5d9291ab37053a5efeb05f1de1aef01a3
- SHA256
  
  0ff598a347b0948645255c3097f17a00e86453003e3f1c5df997c57a73078a08
- SHA512
  
  2910a3d9ec4a7c1c7690ee99a67ffc235dd60ad9b609eef7de5eca0be79bcae6c899ee1efbaa12ccc2ed08f5edc32c9ff9aad7610458d8ed4bb8b8c8b0f211a4
- SSDEEP
  
  3072:27wk52aD1V/3sc6OtoCiQLn6DYW8W9RVBHniL9X+f:27lDX/H6XCicn69RVBHi
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2