emotet

General

Target

1880a72494233fc8cf703e4083d88444_JaffaCakes118
Size

532KB
Sample

240505-t5b7xafa2w
MD5

1880a72494233fc8cf703e4083d88444
SHA1

b60166a5ecc885bfb5499703f10a8ffe02330ef7
SHA256

aef15cb2d8a55d05eaad934ed73489e6411562f279efeaf604fb63fc2b957c6a
SHA512

f01a70ed0d02b99dadf3c658678aafc19acc894c2a454a3df426222b9a59d5d99f3fbf09dacebe4d7f653daa3025ef3cdc18176c784bac0e368fd026aae833e1
SSDEEP

6144:1i3lLwdGzHnKSl+hwWu2e8ODcJ0Lv3paCgvgMdyv:1ewYzHKSRWdefDceId

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

94.205.247.10:80

86.22.221.170:80

85.25.255.207:8080

185.94.252.13:443

94.177.216.217:8080

186.4.172.5:20

198.199.114.69:8080

45.33.49.124:443

200.71.148.138:8080

24.45.195.162:7080

136.243.177.26:8080

95.128.43.213:8080

182.176.132.213:8090

190.228.72.244:53

152.89.236.214:8080

27.4.80.183:443

78.24.219.147:8080

62.75.187.192:8080

67.225.229.55:8080

83.136.245.190:8080

rsa_pubkey.plain

Targets

- Target
  
  1880a72494233fc8cf703e4083d88444_JaffaCakes118
- Size
  
  532KB
- MD5
  
  1880a72494233fc8cf703e4083d88444
- SHA1
  
  b60166a5ecc885bfb5499703f10a8ffe02330ef7
- SHA256
  
  aef15cb2d8a55d05eaad934ed73489e6411562f279efeaf604fb63fc2b957c6a
- SHA512
  
  f01a70ed0d02b99dadf3c658678aafc19acc894c2a454a3df426222b9a59d5d99f3fbf09dacebe4d7f653daa3025ef3cdc18176c784bac0e368fd026aae833e1
- SSDEEP
  
  6144:1i3lLwdGzHnKSl+hwWu2e8ODcJ0Lv3paCgvgMdyv:1ewYzHKSRWdefDceId
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2