emotet

General

Target

5470d8c38c6e3e1f3efafd1b163bba6a_JaffaCakes118
Size

664KB
Sample

240518-nf6gkagh65
MD5

5470d8c38c6e3e1f3efafd1b163bba6a
SHA1

8e48a4ba94304e454fd1716a1aff9a2ad14c88f9
SHA256

4a39b3269e0828dde0b7dc6d0c689f9fe6690bbb3dbe7d0606774591018e9907
SHA512

21f7d5b4ba7ca61653a07ab0d35aada95d4cfb09660a28c926bcad498958af0538daf217597d225111a14592ad580b76e634d419ff5f9ad6171a1079fe19ee56
SSDEEP

6144:8HmIaNXDOloDkOBODS3YCtY8FBgWpVtm4BxwEHmlm+GFZxNX6xNTs8:GmYoo1CfFBWqwSml2lKg

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

177.180.115.224:80

177.242.21.126:80

190.210.236.139:80

144.217.117.207:8080

96.126.121.64:443

104.236.137.72:8080

85.234.143.94:8080

5.88.27.67:8080

37.187.6.63:8080

186.15.83.52:8080

201.213.32.59:80

97.81.12.153:80

178.79.163.131:8080

138.68.106.4:7080

217.199.160.224:8080

181.61.143.177:80

189.19.81.181:443

186.68.48.204:443

118.36.70.245:80

80.11.158.65:8080

rsa_pubkey.plain

Targets

- Target
  
  5470d8c38c6e3e1f3efafd1b163bba6a_JaffaCakes118
- Size
  
  664KB
- MD5
  
  5470d8c38c6e3e1f3efafd1b163bba6a
- SHA1
  
  8e48a4ba94304e454fd1716a1aff9a2ad14c88f9
- SHA256
  
  4a39b3269e0828dde0b7dc6d0c689f9fe6690bbb3dbe7d0606774591018e9907
- SHA512
  
  21f7d5b4ba7ca61653a07ab0d35aada95d4cfb09660a28c926bcad498958af0538daf217597d225111a14592ad580b76e634d419ff5f9ad6171a1079fe19ee56
- SSDEEP
  
  6144:8HmIaNXDOloDkOBODS3YCtY8FBgWpVtm4BxwEHmlm+GFZxNX6xNTs8:GmYoo1CfFBWqwSml2lKg
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2