emotet

General

Target

a08f316f64a672b12e4bd53d9ff8f9a6_JaffaCakes118
Size

211KB
Sample

240612-nx9wbatcph
MD5

a08f316f64a672b12e4bd53d9ff8f9a6
SHA1

3fb0ad9801006cf5d0cba7108a6bda511d3fda50
SHA256

ef69021e812d47672a5e4d551b0f601102c4c5d5b470e3ca875c82fd0f02bb0f
SHA512

f190c5ca9d0931176ab2bb7f331ee7c72cdd6d725fed88dc1d09546dd78a8445ad8f81c3b98e02985b25c574d49179fc70abbe579cb83157c8cc8d2c0d8fa7be
SSDEEP

3072:45bDvHZw/mIkCtt/Qzb+HTpjweJ2Jxd6PvnKnPbpfuDgZHoUKZ9GFx:4BzHZtI/QqJHJ2zqvIZuD2HoUKZ9G

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

173.249.157.58:8080

91.109.5.28:8080

108.179.216.46:8080

70.45.30.28:80

51.38.134.203:8080

181.97.70.132:8080

203.99.182.135:443

176.58.93.123:80

95.216.207.86:7080

200.114.134.8:20

138.197.140.163:8080

212.112.113.235:80

192.241.220.183:8080

94.177.253.126:80

186.10.16.244:53

181.57.102.203:8080

190.55.86.138:8443

93.78.205.196:443

181.53.252.85:990

110.36.234.146:80

rsa_pubkey.plain

Targets

- Target
  
  a08f316f64a672b12e4bd53d9ff8f9a6_JaffaCakes118
- Size
  
  211KB
- MD5
  
  a08f316f64a672b12e4bd53d9ff8f9a6
- SHA1
  
  3fb0ad9801006cf5d0cba7108a6bda511d3fda50
- SHA256
  
  ef69021e812d47672a5e4d551b0f601102c4c5d5b470e3ca875c82fd0f02bb0f
- SHA512
  
  f190c5ca9d0931176ab2bb7f331ee7c72cdd6d725fed88dc1d09546dd78a8445ad8f81c3b98e02985b25c574d49179fc70abbe579cb83157c8cc8d2c0d8fa7be
- SSDEEP
  
  3072:45bDvHZw/mIkCtt/Qzb+HTpjweJ2Jxd6PvnKnPbpfuDgZHoUKZ9GFx:4BzHZtI/QqJHJ2zqvIZuD2HoUKZ9G
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2