emotet

General

Target

ccd2860faab4ed95d673d18e5d6c5789_JaffaCakes118
Size

260KB
Sample

240831-pxs38stfnh
MD5

ccd2860faab4ed95d673d18e5d6c5789
SHA1

469b767fd3ddad785f1a43884c59e42a3c4a859f
SHA256

7e3da69f5a06a781839ec34ec9e22b843bf37d965fd8a450033a86b6451c9db1
SHA512

ddc6bc8b94b88b9b4eba1669e43ecbed332e1bd35400c631a48dfa290d04c9f78a0fd5281b400eeaec22d80bf0a4e3ff7c51a40c7e4dc81076b7e495cc9c1342
SSDEEP

6144:AwUIy1wev5ddGNVe49M7Lvc6cBQLYMNIDK:CIybv5uNVeN7qw

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

115.176.16.221:80

45.79.16.230:7080

145.239.169.32:7080

190.85.46.52:7080

180.26.62.115:443

179.5.118.12:80

189.160.188.97:80

5.79.70.250:8080

126.126.139.26:443

41.84.243.145:80

79.133.6.236:8080

139.59.12.63:8080

95.216.205.155:8080

45.177.120.37:8080

54.38.143.245:8080

157.7.164.178:8081

41.212.89.128:80

50.116.78.109:8080

75.127.14.170:8080

49.243.9.118:80

rsa_pubkey.plain

Targets

- Target
  
  ccd2860faab4ed95d673d18e5d6c5789_JaffaCakes118
- Size
  
  260KB
- MD5
  
  ccd2860faab4ed95d673d18e5d6c5789
- SHA1
  
  469b767fd3ddad785f1a43884c59e42a3c4a859f
- SHA256
  
  7e3da69f5a06a781839ec34ec9e22b843bf37d965fd8a450033a86b6451c9db1
- SHA512
  
  ddc6bc8b94b88b9b4eba1669e43ecbed332e1bd35400c631a48dfa290d04c9f78a0fd5281b400eeaec22d80bf0a4e3ff7c51a40c7e4dc81076b7e495cc9c1342
- SSDEEP
  
  6144:AwUIy1wev5ddGNVe49M7Lvc6cBQLYMNIDK:CIybv5uNVeN7qw
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2