emotet

General

Target

56e77137fe682805d5a540a5b3291f47_JaffaCakes118
Size

396KB
Sample

240518-1d7m3agg3x
MD5

56e77137fe682805d5a540a5b3291f47
SHA1

cbf63fa68e138d294b4dda40b764e9fc5619dac4
SHA256

70dd7f52df778d83cabfa5b3f607d0cb41a972067217ce6f42582652bf5a45b9
SHA512

0aff67bd86cf339bbcceb0445e7f08a52ab7edc387a4f09a7d7ed9deadbab774700462fecac76a3fb997df71b10021824571eedcd2708b8bb5f5796202e3f3d3
SSDEEP

6144:SpR42sUGyvBtBhVGIzgA2ssMenKFFW8fJTD45j9gmhy+mvVi+iy:GtBttysVekQoZqgmhMY6

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

187.131.163.89:7080

85.104.121.33:8443

124.150.175.133:80

198.57.217.170:8080

45.56.122.75:80

138.197.140.163:8080

157.7.164.178:8081

181.36.42.205:443

212.112.113.235:80

185.45.24.254:7080

144.76.62.10:8080

201.196.15.79:990

94.177.253.126:80

113.52.135.33:7080

189.218.243.150:443

190.217.1.149:80

190.55.39.215:80

187.143.219.242:8080

186.146.110.108:8080

42.190.4.92:443

rsa_pubkey.plain

Targets

- Target
  
  56e77137fe682805d5a540a5b3291f47_JaffaCakes118
- Size
  
  396KB
- MD5
  
  56e77137fe682805d5a540a5b3291f47
- SHA1
  
  cbf63fa68e138d294b4dda40b764e9fc5619dac4
- SHA256
  
  70dd7f52df778d83cabfa5b3f607d0cb41a972067217ce6f42582652bf5a45b9
- SHA512
  
  0aff67bd86cf339bbcceb0445e7f08a52ab7edc387a4f09a7d7ed9deadbab774700462fecac76a3fb997df71b10021824571eedcd2708b8bb5f5796202e3f3d3
- SSDEEP
  
  6144:SpR42sUGyvBtBhVGIzgA2ssMenKFFW8fJTD45j9gmhy+mvVi+iy:GtBttysVekQoZqgmhMY6
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2