emotet

General

Target

65368ea5adaeeca3a9f75efdeebc466d_JaffaCakes118
Size

336KB
Sample

240521-3npaksdh41
MD5

65368ea5adaeeca3a9f75efdeebc466d
SHA1

b8e18a8852931c4a6fb9053d50c1a3fe82a9b5db
SHA256

1f0a680d6371c881837f94db5b603571c510c8eaea511e77498427eae944420e
SHA512

206e28a45de716054b852f2defe5adc2b7f4fa032545b8ccc2c6511848a83949c86e45d4d467f7b7a83f05370c0191f4fec55f4e165a89373d6f724e66ff60b1
SSDEEP

6144:G6RABINtOofnGFxg9930Rgr35LvHdv9ZObVSa6frUnPzwT:GyABIN8oIg9FPvOGYnPA

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

152.170.108.99:443

99.252.27.6:80

93.148.252.90:80

96.126.121.64:443

104.236.137.72:8080

85.234.143.94:8080

80.85.87.122:8080

2.139.158.136:443

80.11.158.65:8080

79.31.85.103:80

77.55.211.77:8080

96.61.113.203:80

181.198.203.45:443

142.93.114.137:8080

186.15.83.52:8080

181.36.42.205:443

68.183.190.199:8080

159.203.204.126:8080

50.28.51.143:8080

46.101.212.195:8080

rsa_pubkey.plain

Targets

- Target
  
  65368ea5adaeeca3a9f75efdeebc466d_JaffaCakes118
- Size
  
  336KB
- MD5
  
  65368ea5adaeeca3a9f75efdeebc466d
- SHA1
  
  b8e18a8852931c4a6fb9053d50c1a3fe82a9b5db
- SHA256
  
  1f0a680d6371c881837f94db5b603571c510c8eaea511e77498427eae944420e
- SHA512
  
  206e28a45de716054b852f2defe5adc2b7f4fa032545b8ccc2c6511848a83949c86e45d4d467f7b7a83f05370c0191f4fec55f4e165a89373d6f724e66ff60b1
- SSDEEP
  
  6144:G6RABINtOofnGFxg9930Rgr35LvHdv9ZObVSa6frUnPzwT:GyABIN8oIg9FPvOGYnPA
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2