emotet

General

Target

cc212c88b14605d5347d7c28be595625_JaffaCakes118
Size

464KB
Sample

240831-dnmdjsseke
MD5

cc212c88b14605d5347d7c28be595625
SHA1

c54b3367ba8a0d868a34802e40a32ae6ec9b3bb6
SHA256

1e48980c5c6563c16cc9d8e8562d2fc1a1371f39119d9679e9d96776bd565cfe
SHA512

35b6f9da1d565a14665143e89000c3babad787f72f43a0d5b50b50c8ddab836ac805cb424bcee1f65e581fb46c721afa8a4dd3a646c8ed6fb155c5379a498dd2
SSDEEP

12288:3CbqpofwK3h6rZlwkgfXPRNujSghRoqf:3cJoK3h6r71MPvujR2q

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

12.163.208.58:80

45.33.35.74:8080

87.106.253.248:8080

192.241.146.84:8080

190.115.18.139:8080

65.36.62.20:80

170.81.48.2:80

83.169.21.32:7080

185.232.182.218:80

190.2.31.172:80

77.106.157.34:8080

82.230.1.24:80

202.4.58.197:80

201.213.177.139:80

78.249.119.122:80

123.51.47.18:80

77.90.136.129:8080

60.93.23.51:80

152.169.22.67:80

190.117.79.209:80

rsa_pubkey.plain

Targets

- Target
  
  cc212c88b14605d5347d7c28be595625_JaffaCakes118
- Size
  
  464KB
- MD5
  
  cc212c88b14605d5347d7c28be595625
- SHA1
  
  c54b3367ba8a0d868a34802e40a32ae6ec9b3bb6
- SHA256
  
  1e48980c5c6563c16cc9d8e8562d2fc1a1371f39119d9679e9d96776bd565cfe
- SHA512
  
  35b6f9da1d565a14665143e89000c3babad787f72f43a0d5b50b50c8ddab836ac805cb424bcee1f65e581fb46c721afa8a4dd3a646c8ed6fb155c5379a498dd2
- SSDEEP
  
  12288:3CbqpofwK3h6rZlwkgfXPRNujSghRoqf:3cJoK3h6r71MPvujR2q
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2