emotet

General

Target

cb5660dabdeae5d73d5c36b3af0c4f11_JaffaCakes118
Size

132KB
Sample

240830-wbknaswfqc
MD5

cb5660dabdeae5d73d5c36b3af0c4f11
SHA1

e0befe26d7bc0e179a33c3c32e0ecf94bddc2e50
SHA256

8feb3da81ccde5d71483e103591c8637bf382b0bd717823679660ba0fccacbbd
SHA512

184e27c1d5b52795c405ff82b50462a10c56341d2469c6c788f9cdb63c9bc69ddf498f631b22f30f17fdb40fda2060d96f35e85be37f6eb4c5c42c3a83b47e35
SSDEEP

1536:GmYczEyk9QpGW+Za55pi/SQr5RCs6Hl68+895baYCSjTZyl2JtXaBIYH7prGOO12:G4z+Qk/X/5u1P95ba2E0qBDbpahaxbz

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

91.187.80.246:80

108.191.2.72:80

188.152.7.140:80

108.179.206.219:8080

59.110.18.236:443

45.56.88.91:443

206.81.10.215:8080

178.209.71.63:8080

91.231.166.126:8080

200.71.148.138:8080

87.106.139.101:8080

212.186.191.177:80

212.129.24.79:8080

173.13.135.102:80

197.254.221.174:80

37.157.194.134:443

190.211.207.11:443

190.226.44.20:21

165.228.24.197:80

107.170.24.125:8080

rsa_pubkey.plain

Targets

- Target
  
  cb5660dabdeae5d73d5c36b3af0c4f11_JaffaCakes118
- Size
  
  132KB
- MD5
  
  cb5660dabdeae5d73d5c36b3af0c4f11
- SHA1
  
  e0befe26d7bc0e179a33c3c32e0ecf94bddc2e50
- SHA256
  
  8feb3da81ccde5d71483e103591c8637bf382b0bd717823679660ba0fccacbbd
- SHA512
  
  184e27c1d5b52795c405ff82b50462a10c56341d2469c6c788f9cdb63c9bc69ddf498f631b22f30f17fdb40fda2060d96f35e85be37f6eb4c5c42c3a83b47e35
- SSDEEP
  
  1536:GmYczEyk9QpGW+Za55pi/SQr5RCs6Hl68+895baYCSjTZyl2JtXaBIYH7prGOO12:G4z+Qk/X/5u1P95ba2E0qBDbpahaxbz
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2