emotet

General

Target

6472da4b37de5d469382eddf7a0024fc_JaffaCakes118
Size

556KB
Sample

240521-xycrmsfe9v
MD5

6472da4b37de5d469382eddf7a0024fc
SHA1

2d2cada5d30f3ab83a2e44696c681cf763ee8710
SHA256

72a088a2d2bcfe6c8ad572bb93d96971e201197fe07fcf4c6353f5190c4839ab
SHA512

a0c6105292adc4b5f02b359e9f462ef403c1e824aa20fb189bd542f9186a376dba0c583f8697b3b275150b864dc90493edd35fe6d8ff6694d2a410814ca67ce1
SSDEEP

12288:HbFmNHloUQYbEZpakjYDJA1zpYDwUeisjPjM1:YHNQYbuDj6Sf3jP2

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

211.218.105.101:80

197.90.159.42:80

201.183.251.100:80

50.63.13.135:8080

80.211.32.88:8080

222.239.249.166:443

192.161.190.171:8080

161.18.233.114:80

41.218.118.66:80

189.236.4.214:443

181.197.108.171:443

80.93.48.49:7080

212.129.14.27:8080

78.46.87.133:8080

200.71.112.158:53

216.75.37.196:8080

157.7.164.178:8081

195.201.56.68:7080

189.180.105.125:443

124.150.175.129:8080

rsa_pubkey.plain

Targets

- Target
  
  6472da4b37de5d469382eddf7a0024fc_JaffaCakes118
- Size
  
  556KB
- MD5
  
  6472da4b37de5d469382eddf7a0024fc
- SHA1
  
  2d2cada5d30f3ab83a2e44696c681cf763ee8710
- SHA256
  
  72a088a2d2bcfe6c8ad572bb93d96971e201197fe07fcf4c6353f5190c4839ab
- SHA512
  
  a0c6105292adc4b5f02b359e9f462ef403c1e824aa20fb189bd542f9186a376dba0c583f8697b3b275150b864dc90493edd35fe6d8ff6694d2a410814ca67ce1
- SSDEEP
  
  12288:HbFmNHloUQYbEZpakjYDJA1zpYDwUeisjPjM1:YHNQYbuDj6Sf3jP2
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2