emotet

General

Target

44ddd6e0dc8d41fee57180a1c7e65b2c_JaffaCakes118
Size

536KB
Sample

240515-g39n6scg5v
MD5

44ddd6e0dc8d41fee57180a1c7e65b2c
SHA1

87a2cb75649baa5d29d6af7fe471463b1efa0f81
SHA256

44c844010611497807ee6414d488690bf4baf904a3e6b321d244fe374e2a153c
SHA512

783a73b0f08696f7d12fdcfbc1cd3a47d68425781e2991e9102f4a5f6d27a70bc6c3fe1c167ff7ad82b2ba0ceb94ae932ac3907efc20fdd4b7acde22beb0ef9f
SSDEEP

6144:m5B/k88jWYB5wdZskfKh7+Ntrvruh9BkrLmlGVgK:c/k85OGekfkGvruBk/m8Vg

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

85.25.138.55:8080

212.129.24.79:8080

37.187.2.199:443

86.22.221.170:80

190.211.207.11:443

173.249.47.77:8080

94.177.216.217:8080

83.136.245.190:8080

115.78.95.230:443

181.143.194.138:443

5.196.74.210:8080

198.199.114.69:8080

190.228.72.244:53

190.53.135.159:21

189.209.217.49:80

103.39.131.88:80

136.243.177.26:8080

206.189.98.125:8080

91.205.215.66:8080

200.51.94.251:80

rsa_pubkey.plain

Targets

- Target
  
  44ddd6e0dc8d41fee57180a1c7e65b2c_JaffaCakes118
- Size
  
  536KB
- MD5
  
  44ddd6e0dc8d41fee57180a1c7e65b2c
- SHA1
  
  87a2cb75649baa5d29d6af7fe471463b1efa0f81
- SHA256
  
  44c844010611497807ee6414d488690bf4baf904a3e6b321d244fe374e2a153c
- SHA512
  
  783a73b0f08696f7d12fdcfbc1cd3a47d68425781e2991e9102f4a5f6d27a70bc6c3fe1c167ff7ad82b2ba0ceb94ae932ac3907efc20fdd4b7acde22beb0ef9f
- SSDEEP
  
  6144:m5B/k88jWYB5wdZskfKh7+Ntrvruh9BkrLmlGVgK:c/k85OGekfkGvruBk/m8Vg
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2