emotet | 68323be8f50085bcd367cf6c69dd20c67c43c480c37b6d9b70e7562e2a1ffe93 | Triage

Sharing

General

Target

2025-04-10_3d270c2139d49c93cf81be6015660548_amadey_elex_smoke-loader
Size

372KB
Sample

250410-f4g5wastgv
MD5

3d270c2139d49c93cf81be6015660548
SHA1

383165cc0ce3df6467c8e97bf8001abfa93f492a
SHA256

68323be8f50085bcd367cf6c69dd20c67c43c480c37b6d9b70e7562e2a1ffe93
SHA512

e5b021289f53e77f25e30cf04d8d895eddeebbf4ac65cedb5e2b08758968f1b8fcd2d32c0b6dedfabadcfdb74b2747b2f8105ba837f7a6771371bda63660e338
SSDEEP

6144:IUFTo8yz1hKUMynLlXPZt5X1s+Iv7gylsRjHysu/Xrki:uzHKUpnLlfZP18Ofu/7ki

Score

10^/10

emotet epoch2 banker discovery trojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

96.252.116.33:80

110.145.11.73:80

185.201.9.197:8080

64.207.182.168:8080

51.89.36.180:443

208.74.26.234:80

89.216.122.92:80

190.164.104.62:80

62.75.141.82:80

94.230.70.6:80

37.187.72.193:8080

72.186.136.247:443

138.68.87.218:443

120.150.60.189:80

24.69.65.8:8080

110.142.236.207:80

74.208.45.104:8080

113.61.66.94:80

74.128.121.17:80

110.145.101.66:443

rsa_pubkey.plain

Targets

- Target
  
  2025-04-10_3d270c2139d49c93cf81be6015660548_amadey_elex_smoke-loader
- Size
  
  372KB
- MD5
  
  3d270c2139d49c93cf81be6015660548
- SHA1
  
  383165cc0ce3df6467c8e97bf8001abfa93f492a
- SHA256
  
  68323be8f50085bcd367cf6c69dd20c67c43c480c37b6d9b70e7562e2a1ffe93
- SHA512
  
  e5b021289f53e77f25e30cf04d8d895eddeebbf4ac65cedb5e2b08758968f1b8fcd2d32c0b6dedfabadcfdb74b2747b2f8105ba837f7a6771371bda63660e338
- SSDEEP
  
  6144:IUFTo8yz1hKUMynLlXPZt5X1s+Iv7gylsRjHysu/Xrki:uzHKUpnLlfZP18Ofu/7ki
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetepoch2bankerdiscoverytrojan