emotet

General

Target

5b0af3dce15d92a5a7b8a37de83eeaa7_JaffaCakes118
Size

416KB
Sample

240519-x3a4lsdg7w
MD5

5b0af3dce15d92a5a7b8a37de83eeaa7
SHA1

6dcd0197106aad03ebb99fe5b48e07030eee313c
SHA256

75d39cde8311668ffaea4a2211eb81690af2cfb39e8407dd73fdac3e1c7cc777
SHA512

6c02ee833a5c348ebf81d00a27de74b727055636da4fb8cda0fbcc7f81d8627731c7af22842cb80b061f233d2f29791b1c1342c95d6fce611c7f5d28a7a4be61
SSDEEP

6144:BL0ofRj4RzQF/zpWDdnXrZ+S7fSShT7bh1XhtGpmjc95bTYDbpaX:BLVRsRzQDWDxZ+gf17bh1XEm4ffobpaX

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

178.153.91.22:80

92.17.138.248:80

114.183.140.94:80

172.105.213.30:80

69.30.205.162:7080

50.63.13.135:8080

192.161.190.171:8080

210.111.160.220:80

181.44.166.242:80

41.218.118.66:80

46.17.6.116:8080

142.93.87.198:8080

113.52.135.33:7080

187.177.155.123:990

172.90.70.168:443

198.57.217.170:8080

123.142.37.165:80

95.216.212.157:8080

187.250.92.82:80

216.75.37.196:8080

rsa_pubkey.plain

Targets

- Target
  
  5b0af3dce15d92a5a7b8a37de83eeaa7_JaffaCakes118
- Size
  
  416KB
- MD5
  
  5b0af3dce15d92a5a7b8a37de83eeaa7
- SHA1
  
  6dcd0197106aad03ebb99fe5b48e07030eee313c
- SHA256
  
  75d39cde8311668ffaea4a2211eb81690af2cfb39e8407dd73fdac3e1c7cc777
- SHA512
  
  6c02ee833a5c348ebf81d00a27de74b727055636da4fb8cda0fbcc7f81d8627731c7af22842cb80b061f233d2f29791b1c1342c95d6fce611c7f5d28a7a4be61
- SSDEEP
  
  6144:BL0ofRj4RzQF/zpWDdnXrZ+S7fSShT7bh1XhtGpmjc95bTYDbpaX:BLVRsRzQDWDxZ+gf17bh1XEm4ffobpaX
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2