emotet

General

Target

6361ac82e801725d875c32cc6062887f_JaffaCakes118
Size

412KB
Sample

240521-p8th5sef82
MD5

6361ac82e801725d875c32cc6062887f
SHA1

ec600314ebc8e057eac1412c97de87ee8883de59
SHA256

013bfa1ad8a59a0fe812c30bbe9a32e6a4357b35d00b919e5d9b7adfdf0bf160
SHA512

5aba049a31bb5e2070c6fcec29c5c1a2073a9ad0a7481927b00c66bf094bacc71280047e8e209c3940dd30649c0e56d813d7bf89d0d502aacd0560d7fc89ef36
SSDEEP

6144:hthUdyyhWBOuv+0dLvtt5ZRT101SU6ZZLhmiHadvVTL30w5X8Wi2:udyqWV+e1rH2h6ZKzhz0Ws

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

201.106.32.171:80

181.29.164.248:80

46.29.183.211:8080

23.229.115.217:8080

81.169.140.14:443

68.183.190.199:8080

87.106.77.40:7080

144.139.158.155:80

89.188.124.145:443

201.213.32.59:80

68.183.170.114:8080

46.163.144.228:80

46.41.151.103:8080

185.187.198.10:8080

5.196.35.138:7080

186.23.132.93:990

200.58.171.51:80

94.183.71.206:7080

94.177.183.28:8080

46.28.111.142:7080

rsa_pubkey.plain

Targets

- Target
  
  6361ac82e801725d875c32cc6062887f_JaffaCakes118
- Size
  
  412KB
- MD5
  
  6361ac82e801725d875c32cc6062887f
- SHA1
  
  ec600314ebc8e057eac1412c97de87ee8883de59
- SHA256
  
  013bfa1ad8a59a0fe812c30bbe9a32e6a4357b35d00b919e5d9b7adfdf0bf160
- SHA512
  
  5aba049a31bb5e2070c6fcec29c5c1a2073a9ad0a7481927b00c66bf094bacc71280047e8e209c3940dd30649c0e56d813d7bf89d0d502aacd0560d7fc89ef36
- SSDEEP
  
  6144:hthUdyyhWBOuv+0dLvtt5ZRT101SU6ZZLhmiHadvVTL30w5X8Wi2:udyqWV+e1rH2h6ZKzhz0Ws
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2