emotet

General

Target

7625b18518f0ff9b42b4d95b93cc5d82_JaffaCakes118
Size

652KB
Sample

240526-vdflpadb8w
MD5

7625b18518f0ff9b42b4d95b93cc5d82
SHA1

2ac608221610e1e3bbdf28a60ac9cac798604798
SHA256

82fd827a828f7eb4c9683707910a8f4d135c7f2107c33dd94196a09a92e31898
SHA512

2bd93eaa1f8835496919d9b5f0cec0e1c0bd63f7d58b59a92778af721cc9005b741ae99426232232bc5d141cd11f9b9d7574c90d7904a3b595c15043df7ea2ba
SSDEEP

6144:M1kldizdOT/pS0MIt7YRU6f5+StXzXYbnnuCYUvaJqqjbGdIBJxmA++j90TTofwz:VplfofXYbjYUvaVaCn++O4ZV4o6L

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

72.69.99.47:80

190.5.162.204:80

123.142.37.165:80

50.63.13.135:8080

222.239.249.166:443

192.161.190.171:8080

80.93.48.49:7080

195.201.56.68:7080

181.44.166.242:80

161.18.233.114:80

51.38.134.203:8080

212.129.14.27:8080

172.90.70.168:443

45.129.121.222:443

189.180.105.125:443

186.66.224.182:990

122.11.164.183:80

138.197.140.163:8080

211.218.105.101:80

212.112.113.235:80

rsa_pubkey.plain

Targets

- Target
  
  7625b18518f0ff9b42b4d95b93cc5d82_JaffaCakes118
- Size
  
  652KB
- MD5
  
  7625b18518f0ff9b42b4d95b93cc5d82
- SHA1
  
  2ac608221610e1e3bbdf28a60ac9cac798604798
- SHA256
  
  82fd827a828f7eb4c9683707910a8f4d135c7f2107c33dd94196a09a92e31898
- SHA512
  
  2bd93eaa1f8835496919d9b5f0cec0e1c0bd63f7d58b59a92778af721cc9005b741ae99426232232bc5d141cd11f9b9d7574c90d7904a3b595c15043df7ea2ba
- SSDEEP
  
  6144:M1kldizdOT/pS0MIt7YRU6f5+StXzXYbnnuCYUvaJqqjbGdIBJxmA++j90TTofwz:VplfofXYbjYUvaVaCn++O4ZV4o6L
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2