emotet

General

Target

069b40aa3cfbb87f92ab671893102eed_JaffaCakes118
Size

203KB
Sample

240623-r5prwsycrk
MD5

069b40aa3cfbb87f92ab671893102eed
SHA1

a1a46a898627a7a2c8bcdc6a7d738635921407b2
SHA256

50f70f738865bdbaa7e3ea7707a4fb142fe853f28ee215b0e83e6d265090e2c7
SHA512

2296add141418e63fb13ab3940cd920e7f0b6c5ba68d59c1ffe3447a473eceb5ccf660bf2505adcfe8d14347b670d7da41038b8fb887d93597ae59b47978a68a
SSDEEP

3072:pdHzo79bSfLYoGEwjV2hCVu4oCfAHt2IjdrT7zOJ0jFH:PTo7tsLYote8QVAM6t2IxzOJ0p

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

74.208.74.92:8080

89.32.150.160:8080

80.240.141.141:7080

151.80.142.33:80

5.196.35.138:7080

200.58.171.51:80

81.213.215.216:50000

187.150.150.127:7080

149.62.173.247:8080

62.75.160.178:8080

170.84.133.72:8443

79.129.0.173:8080

181.29.101.13:8080

183.82.97.25:80

109.104.79.48:8080

201.199.93.30:443

159.203.204.126:8080

181.36.42.205:443

46.28.111.142:7080

178.249.187.151:8080

rsa_pubkey.plain

Targets

- Target
  
  069b40aa3cfbb87f92ab671893102eed_JaffaCakes118
- Size
  
  203KB
- MD5
  
  069b40aa3cfbb87f92ab671893102eed
- SHA1
  
  a1a46a898627a7a2c8bcdc6a7d738635921407b2
- SHA256
  
  50f70f738865bdbaa7e3ea7707a4fb142fe853f28ee215b0e83e6d265090e2c7
- SHA512
  
  2296add141418e63fb13ab3940cd920e7f0b6c5ba68d59c1ffe3447a473eceb5ccf660bf2505adcfe8d14347b670d7da41038b8fb887d93597ae59b47978a68a
- SSDEEP
  
  3072:pdHzo79bSfLYoGEwjV2hCVu4oCfAHt2IjdrT7zOJ0jFH:PTo7tsLYote8QVAM6t2IxzOJ0p
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2