emotet

General

Target

d3b242ca997b43d881a0a1d31c48d853_JaffaCakes118
Size

168KB
Sample

240908-gpjktszgpr
MD5

d3b242ca997b43d881a0a1d31c48d853
SHA1

e50365befe2e84330459f8c179b3937c57996a2e
SHA256

c2cae5e87b233bad6faba106090c8bf22e023fed95da2fb05bd5b4147aa32a9f
SHA512

2780dc315efc35c1a4ddacd2fe799a4a2d5b557f2c6037565ff73933ce9003f0d3e5b6356c2500ed6e70de699d7e0604c899b6c965ce9fcd0bb39b52959d6b37
SSDEEP

3072:Nqwk57x9lHJMQLkWbL8hNNGTg8HrmyNFJ/ogu1pMQWqNgL4xuEQsxq:87RJMwbAhNz8LbowQWqi6LQ

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

67.10.155.92:80

38.111.46.46:8080

134.209.36.254:8080

162.241.242.173:8080

2.84.135.163:80

94.1.108.190:443

140.186.212.146:80

95.179.229.244:8080

200.114.213.233:8080

113.61.66.94:80

190.240.194.77:443

61.19.246.238:443

110.5.16.198:80

83.169.36.251:8080

37.187.72.193:8080

176.111.60.55:8080

85.105.205.77:8080

168.235.67.138:7080

200.123.150.89:443

87.106.139.101:8080

rsa_pubkey.plain

Targets

- Target
  
  d3b242ca997b43d881a0a1d31c48d853_JaffaCakes118
- Size
  
  168KB
- MD5
  
  d3b242ca997b43d881a0a1d31c48d853
- SHA1
  
  e50365befe2e84330459f8c179b3937c57996a2e
- SHA256
  
  c2cae5e87b233bad6faba106090c8bf22e023fed95da2fb05bd5b4147aa32a9f
- SHA512
  
  2780dc315efc35c1a4ddacd2fe799a4a2d5b557f2c6037565ff73933ce9003f0d3e5b6356c2500ed6e70de699d7e0604c899b6c965ce9fcd0bb39b52959d6b37
- SSDEEP
  
  3072:Nqwk57x9lHJMQLkWbL8hNNGTg8HrmyNFJ/ogu1pMQWqNgL4xuEQsxq:87RJMwbAhNz8LbowQWqi6LQ
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2