emotet

General

Target

aab3eb9f21a65756920f8c2225048c56_JaffaCakes118
Size

212KB
Sample

240819-mwfemszcqg
MD5

aab3eb9f21a65756920f8c2225048c56
SHA1

00b979930ce451419e2a0583b42576463e0df65f
SHA256

aead42ddfdaf387ce5dca9a5f4cb559fda721954e2f796e7e6cd981b6e06144a
SHA512

68e4f6dbfdd752736aa28dd70efab1d5609c63e142b0094fe26795b50ac656b9c4eed9096c38850260663a9fb9860454c2d64646377633b4ee980cb4e593c9ce
SSDEEP

3072:oKdoleKfKf1S7KI9wzET3ksCc88z9ltq/SGhJisRT8lusvwdoym:oKdlKfKs7KI9wolCcbXGms+FvY

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

38.18.235.242:80

5.196.108.189:8080

121.124.124.40:7080

104.236.246.93:8080

113.61.66.94:80

120.150.60.189:80

91.211.88.52:7080

47.144.21.12:443

108.46.29.236:80

139.162.108.71:8080

134.209.36.254:8080

139.59.60.244:8080

66.65.136.14:80

76.175.162.101:80

174.106.122.139:80

95.213.236.64:8080

174.45.13.118:80

50.35.17.13:80

209.141.54.221:8080

87.106.139.101:8080

rsa_pubkey.plain

Targets

- Target
  
  aab3eb9f21a65756920f8c2225048c56_JaffaCakes118
- Size
  
  212KB
- MD5
  
  aab3eb9f21a65756920f8c2225048c56
- SHA1
  
  00b979930ce451419e2a0583b42576463e0df65f
- SHA256
  
  aead42ddfdaf387ce5dca9a5f4cb559fda721954e2f796e7e6cd981b6e06144a
- SHA512
  
  68e4f6dbfdd752736aa28dd70efab1d5609c63e142b0094fe26795b50ac656b9c4eed9096c38850260663a9fb9860454c2d64646377633b4ee980cb4e593c9ce
- SSDEEP
  
  3072:oKdoleKfKf1S7KI9wzET3ksCc88z9ltq/SGhJisRT8lusvwdoym:oKdlKfKs7KI9wolCcbXGms+FvY
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2