emotet

General

Target

90d97230f5d9e605caed2e7c29b66694_JaffaCakes118
Size

350KB
Sample

240603-hdnwvaeh8z
MD5

90d97230f5d9e605caed2e7c29b66694
SHA1

9444379763cfe0c2f1c497dfc4470f71d36af6dd
SHA256

83decc520e8ae00d35b8824c384991bcf363c60896b50b247fd4df14a28d3142
SHA512

cbb04619b184a992eb2b66a3e91520c922608beef25b4d2893683e0c4e6322c5fb6d2dc4786fe94af9ecc022f8c3a1770ed2ca7f34d2b1d6ac78534d9263d50d
SSDEEP

6144:+LdOErr1UnBpt/8fDro5R4mZYB4bi8CLqwGhw2/K6786TEnCAIpi9MxipEl7BuHB:QOEriBWDroj4mZYBMMbGk

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

200.109.58.183:443

190.195.148.163:80

46.105.131.68:8080

192.163.221.191:8080

124.150.175.133:80

190.96.118.15:443

216.70.88.55:8080

181.197.2.80:443

110.36.234.146:80

142.93.87.198:8080

23.253.207.142:8080

91.109.5.28:8080

138.197.140.163:8080

201.210.70.8:8080

94.177.253.126:80

75.154.163.1:8090

95.216.212.157:8080

186.84.173.153:80

157.7.164.178:8081

176.58.93.123:80

rsa_pubkey.plain

Targets

- Target
  
  90d97230f5d9e605caed2e7c29b66694_JaffaCakes118
- Size
  
  350KB
- MD5
  
  90d97230f5d9e605caed2e7c29b66694
- SHA1
  
  9444379763cfe0c2f1c497dfc4470f71d36af6dd
- SHA256
  
  83decc520e8ae00d35b8824c384991bcf363c60896b50b247fd4df14a28d3142
- SHA512
  
  cbb04619b184a992eb2b66a3e91520c922608beef25b4d2893683e0c4e6322c5fb6d2dc4786fe94af9ecc022f8c3a1770ed2ca7f34d2b1d6ac78534d9263d50d
- SSDEEP
  
  6144:+LdOErr1UnBpt/8fDro5R4mZYB4bi8CLqwGhw2/K6786TEnCAIpi9MxipEl7BuHB:QOEriBWDroj4mZYBMMbGk
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2