emotet

General

Target

631545bb910def12263fbd08ad675d6e_JaffaCakes118
Size

551KB
Sample

240521-m9x7lsbd61
MD5

631545bb910def12263fbd08ad675d6e
SHA1

685fe2a44c4d2d803ec605b1e03ddec3e65e2a19
SHA256

2091a24d7e03980bcd3f18b5a71ca87a93e4f4382810de2ad817086c626d3505
SHA512

fb38ac528a5f53ccb2dde9310f6166a5560e2d4089f2106f48983a49efa9b2ae6574f5385f238aa08b9355a5180004548b210a2459d6b191185b4b0cd7b7fe9e
SSDEEP

12288:JjVeneMEuEB2ZVirlydPUGUuhshCK+NeFxAri6If0LecJDFqs:VcneFJB2irl6UuhzK+NeFxAri6IfmJJq

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

111.119.233.65:80

190.210.184.138:995

51.255.165.160:8080

45.56.79.249:443

163.172.40.218:7080

91.205.215.57:7080

68.183.170.114:8080

190.217.1.149:80

62.75.160.178:8080

200.113.106.18:80

5.196.35.138:7080

89.188.124.145:443

186.23.132.93:990

51.15.8.192:8080

190.38.14.52:80

217.199.160.224:8080

207.154.204.40:8080

142.93.114.137:8080

94.183.71.206:7080

190.104.253.234:990

rsa_pubkey.plain

Targets

- Target
  
  631545bb910def12263fbd08ad675d6e_JaffaCakes118
- Size
  
  551KB
- MD5
  
  631545bb910def12263fbd08ad675d6e
- SHA1
  
  685fe2a44c4d2d803ec605b1e03ddec3e65e2a19
- SHA256
  
  2091a24d7e03980bcd3f18b5a71ca87a93e4f4382810de2ad817086c626d3505
- SHA512
  
  fb38ac528a5f53ccb2dde9310f6166a5560e2d4089f2106f48983a49efa9b2ae6574f5385f238aa08b9355a5180004548b210a2459d6b191185b4b0cd7b7fe9e
- SSDEEP
  
  12288:JjVeneMEuEB2ZVirlydPUGUuhshCK+NeFxAri6If0LecJDFqs:VcneFJB2irl6UuhzK+NeFxAri6IfmJJq
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2