emotet

General

Target

72556988fd1623efd2e90ed87b14e644_JaffaCakes118
Size

392KB
Sample

240525-r9j27sgc8t
MD5

72556988fd1623efd2e90ed87b14e644
SHA1

5f02ee8bb59504cc2325427759cf50fb1ea3d1f1
SHA256

f2ba7468f0bd780ad29c66bd01d7e2e9780040eacfe736bfa861eb08908cc7be
SHA512

1eb14a4e565b9e488652e1bc9051fc1130a3687916cb99fd99201e2b3e2db366c7d6fec939c7064f2c915a9af318c4651941d114ad95ad0da96ced28b36b05a2
SSDEEP

6144:vQwl8GGD02Q98eFRDtelT6LXdooCXV5DLvmgB76/Sj2tcm5dqa5/sZS:vr8XD0DxDtyQXS5uPUiz5r5J

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

50.63.13.135:8080

80.211.32.88:8080

222.239.249.166:443

54.38.94.197:8080

78.46.87.133:8080

191.100.24.201:50000

200.71.112.158:53

212.129.14.27:8080

190.189.79.73:80

176.58.93.123:80

113.52.135.33:7080

161.18.233.114:80

46.17.6.116:8080

192.241.220.183:8080

162.144.46.90:8080

95.216.207.86:7080

95.216.212.157:8080

217.26.163.82:7080

50.116.78.109:8080

142.93.87.198:8080

rsa_pubkey.plain

Targets

- Target
  
  72556988fd1623efd2e90ed87b14e644_JaffaCakes118
- Size
  
  392KB
- MD5
  
  72556988fd1623efd2e90ed87b14e644
- SHA1
  
  5f02ee8bb59504cc2325427759cf50fb1ea3d1f1
- SHA256
  
  f2ba7468f0bd780ad29c66bd01d7e2e9780040eacfe736bfa861eb08908cc7be
- SHA512
  
  1eb14a4e565b9e488652e1bc9051fc1130a3687916cb99fd99201e2b3e2db366c7d6fec939c7064f2c915a9af318c4651941d114ad95ad0da96ced28b36b05a2
- SSDEEP
  
  6144:vQwl8GGD02Q98eFRDtelT6LXdooCXV5DLvmgB76/Sj2tcm5dqa5/sZS:vr8XD0DxDtyQXS5uPUiz5r5J
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2