emotet

General

Target

72a047e904674affc3a757373712eee3_JaffaCakes118
Size

64KB
Sample

240525-vdsk9aba7v
MD5

72a047e904674affc3a757373712eee3
SHA1

f09f0060fe7b3aac9bfb703431f270d98a205c6c
SHA256

9228998b08b8129e8db42a7266a69e8ad3bdf853040bf5f39bfd995fe2b80c49
SHA512

77fcf6e3152e85d959d74f6e668e0bc7b76d2e4236ae3bae854e72ff6d787c59da963f5949670f4a0380f6e2d5868f5e99fd5fe34eab32718015730a74fc2a10
SSDEEP

1536:XO7dT8GsR3+PUfkPC4QkM8RLdFM5WEYj07oEVK0KX/kk9Z:eSGssP2kaORLdFREhoKEb9Z

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

181.99.235.57:80

187.199.158.226:443

186.0.95.172:80

46.41.134.46:8080

178.249.187.151:8080

217.199.160.224:8080

71.244.60.230:7080

119.59.124.163:8080

109.169.86.13:8080

190.200.64.180:7080

217.113.27.158:443

71.244.60.231:7080

46.21.105.59:8080

179.62.18.56:443

211.229.116.97:80

88.250.223.190:8080

181.188.149.134:80

91.205.215.57:7080

190.230.60.129:80

77.55.211.77:8080

rsa_pubkey.plain

Targets

- Target
  
  72a047e904674affc3a757373712eee3_JaffaCakes118
- Size
  
  64KB
- MD5
  
  72a047e904674affc3a757373712eee3
- SHA1
  
  f09f0060fe7b3aac9bfb703431f270d98a205c6c
- SHA256
  
  9228998b08b8129e8db42a7266a69e8ad3bdf853040bf5f39bfd995fe2b80c49
- SHA512
  
  77fcf6e3152e85d959d74f6e668e0bc7b76d2e4236ae3bae854e72ff6d787c59da963f5949670f4a0380f6e2d5868f5e99fd5fe34eab32718015730a74fc2a10
- SSDEEP
  
  1536:XO7dT8GsR3+PUfkPC4QkM8RLdFM5WEYj07oEVK0KX/kk9Z:eSGssP2kaORLdFREhoKEb9Z
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2