emotet

General

Target

43fa6af89d0e87e5945d408b074176d9_JaffaCakes118
Size

508KB
Sample

240515-bwmm6sba28
MD5

43fa6af89d0e87e5945d408b074176d9
SHA1

f61b133369ece418073f99480d17c9420279a371
SHA256

1bad8383e219f6c3f2e7aabb956696ec1daf94d2a4e96959fb15c560a9e4416d
SHA512

10ff87422178b65c6c0ab1bfc14c8b72d11c46a996e4fdf6d7f7d9f7b309a1a11d80259033cc824cfabc623f27259f45b3ed758bdebc012bd13c5517d5198311
SSDEEP

6144:cD4tnT+zJou0QgC82pGejtQ930xbYVzv2rsFBViXRn3eoECjb67LnTyKadUQF/yP:He2CbYVz+wWeoECfWyhdX+4W

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

113.61.76.239:80

111.125.71.22:8080

80.11.158.65:8080

96.126.121.64:443

104.236.137.72:8080

85.234.143.94:8080

80.85.87.122:8080

190.146.131.105:8080

201.213.32.59:80

192.241.146.84:8080

83.165.163.225:80

63.246.252.234:80

181.198.203.45:443

109.169.86.13:8080

45.50.177.164:80

190.97.30.167:990

5.196.35.138:7080

181.36.42.205:443

119.59.124.163:8080

181.231.62.54:80

rsa_pubkey.plain

Targets

- Target
  
  43fa6af89d0e87e5945d408b074176d9_JaffaCakes118
- Size
  
  508KB
- MD5
  
  43fa6af89d0e87e5945d408b074176d9
- SHA1
  
  f61b133369ece418073f99480d17c9420279a371
- SHA256
  
  1bad8383e219f6c3f2e7aabb956696ec1daf94d2a4e96959fb15c560a9e4416d
- SHA512
  
  10ff87422178b65c6c0ab1bfc14c8b72d11c46a996e4fdf6d7f7d9f7b309a1a11d80259033cc824cfabc623f27259f45b3ed758bdebc012bd13c5517d5198311
- SSDEEP
  
  6144:cD4tnT+zJou0QgC82pGejtQ930xbYVzv2rsFBViXRn3eoECjb67LnTyKadUQF/yP:He2CbYVz+wWeoECfWyhdX+4W
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2