General

  • Target

    d827d9e90856a19be11c4478963cc1c4_JaffaCakes118

  • Size

    95KB

  • Sample

    240910-nbr4dasfmd

  • MD5

    d827d9e90856a19be11c4478963cc1c4

  • SHA1

    7d2942910cfed14727b917440bd20babb308a260

  • SHA256

    8624d685282bf2aa22850645d44797cc0420d5fd2d96534db7780b48b5ce2b37

  • SHA512

    c2e2a4a9ed80d93547fe453223e88ee978e6d3abc20c4a5c5af155e221929831b8804717c2588413601c05977d4203add84b59afbb2c21d84653ee47b2503550

  • SSDEEP

    1536:LGSy5eVumHHtuCtZVmOAIb1eW99N+1PM90bpxO7IHyf3+/UARtdfhEPPYaLrn2Vu:CS+KTnYCtZAOAV0+167wMOtdWXYauVu

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

128.92.203.42:80

37.187.161.206:8080

202.29.239.162:443

80.87.201.221:7080

190.188.245.242:80

12.163.208.58:80

213.197.182.158:8080

201.213.177.139:80

62.84.75.50:80

45.33.77.42:8080

185.183.16.47:80

78.249.119.122:80

177.129.17.170:443

51.15.7.189:80

152.169.22.67:80

119.106.216.84:80

109.169.12.78:80

51.15.7.145:80

219.92.13.25:80

190.117.79.209:80

rsa_pubkey.plain

-----BEGIN PUBLIC KEY-----
MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAOZ9fLJ8UrI0OZURpPsR3eijAyfPj3z6
uS75f2igmYFW2aWgNcFIzsAYQleKzD0nlCFHOo7Zf8/4wY2UW0CJ4dJEHnE/PHlz
6uNk3pxjm7o4eCDyiJbzf+k0Azjl0q54FQIDAQAB
-----END PUBLIC KEY-----
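As an added example (not part of the sandbox report and not Emotet's own code), the Python below consumes the extracted config above as an analyst would: it decodes the rsa_pubkey.plain PEM with a minimal DER walk to recover the modulus size and public exponent (this key decodes to a 768-bit RSA modulus with e=65537), hashes the SPKI so the same key can be pivoted on across samples, and turns the C2 list into per-port counts and Suricata alert rules. The rule wording and the sid range starting at 9000000 are assumptions chosen here; nothing outside the standard library is required.

```python
import base64
import hashlib
from collections import Counter

# Values copied from the extracted Emotet config in the report above.
RSA_PUBKEY_PEM = """-----BEGIN PUBLIC KEY-----
MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAOZ9fLJ8UrI0OZURpPsR3eijAyfPj3z6
uS75f2igmYFW2aWgNcFIzsAYQleKzD0nlCFHOo7Zf8/4wY2UW0CJ4dJEHnE/PHlz
6uNk3pxjm7o4eCDyiJbzf+k0Azjl0q54FQIDAQAB
-----END PUBLIC KEY-----"""

C2_LIST = """128.92.203.42:80 37.187.161.206:8080 202.29.239.162:443 80.87.201.221:7080
190.188.245.242:80 12.163.208.58:80 213.197.182.158:8080 201.213.177.139:80
62.84.75.50:80 45.33.77.42:8080 185.183.16.47:80 78.249.119.122:80
177.129.17.170:443 51.15.7.189:80 152.169.22.67:80 119.106.216.84:80
109.169.12.78:80 51.15.7.145:80 219.92.13.25:80 190.117.79.209:80"""

RSA_ENCRYPTION_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1

def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armour and base64-decode the SubjectPublicKeyInfo."""
    body = "".join(l.strip() for l in pem.splitlines() if "-----" not in l)
    return base64.b64decode(body)

def read_tlv(buf: bytes, pos: int):
    """Read one DER tag/length/value at pos; returns (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def expect(tag: int, want: int, what: str) -> None:
    if tag != want:
        raise ValueError(f"bad DER: {what} has tag 0x{tag:02x}, expected 0x{want:02x}")

def parse_rsa_spki(der: bytes) -> dict:
    """Walk SubjectPublicKeyInfo -> BIT STRING -> RSAPublicKey and return key facts."""
    tag, spki, _ = read_tlv(der, 0)
    expect(tag, 0x30, "SubjectPublicKeyInfo")
    tag, algid, pos = read_tlv(spki, 0)
    expect(tag, 0x30, "AlgorithmIdentifier")
    tag, oid, _ = read_tlv(algid, 0)
    expect(tag, 0x06, "algorithm OID")
    if oid != RSA_ENCRYPTION_OID:
        raise ValueError("not an rsaEncryption key")
    tag, bitstr, _ = read_tlv(spki, pos)
    expect(tag, 0x03, "subjectPublicKey")
    if bitstr[0] != 0:
        raise ValueError("unexpected unused bits in BIT STRING")
    tag, rsakey, _ = read_tlv(bitstr, 1)  # skip the unused-bits octet
    expect(tag, 0x30, "RSAPublicKey")
    tag, n_bytes, pos = read_tlv(rsakey, 0)
    expect(tag, 0x02, "modulus")
    tag, e_bytes, _ = read_tlv(rsakey, pos)
    expect(tag, 0x02, "publicExponent")
    n = int.from_bytes(n_bytes, "big")
    e = int.from_bytes(e_bytes, "big")
    return {
        "modulus_bits": n.bit_length(),
        "exponent": e,
        # SHA-256 of the DER SPKI: a stable handle for finding the same key in other samples
        "spki_sha256": hashlib.sha256(der).hexdigest(),
    }

def parse_c2_list(text: str) -> list:
    """Turn whitespace-separated 'ip:port' tokens into (ip, port) tuples."""
    entries = []
    for token in text.split():
        host, port = token.rsplit(":", 1)
        entries.append((host, int(port)))
    return entries

def c2_port_summary(entries: list) -> dict:
    """Count C2 endpoints per destination port."""
    return dict(Counter(port for _, port in entries))

def suricata_rules(entries: list, sid_base: int = 9000000) -> list:
    """Emit one Suricata alert rule per C2 endpoint (sid_base is an arbitrary local range)."""
    return [
        f'alert tcp $HOME_NET any -> {ip} {port} (msg:"Emotet Epoch1 C2 {ip}:{port}"; '
        f'flow:to_server; sid:{sid_base + i}; rev:1;)'
        for i, (ip, port) in enumerate(entries)
    ]

if __name__ == "__main__":
    key = parse_rsa_spki(pem_to_der(RSA_PUBKEY_PEM))
    print(f"RSA modulus: {key['modulus_bits']} bits, e={key['exponent']}")
    print(f"SPKI SHA-256: {key['spki_sha256']}")
    c2 = parse_c2_list(C2_LIST)
    print(f"{len(c2)} C2 endpoints by port: {c2_port_summary(c2)}")
    print("\n".join(suricata_rules(c2)[:3]))
```

A C2 list pulled from one sandbox run is a point-in-time snapshot of infrastructure that churns quickly, so treat the generated rules as alerting, not blocking, material and check current reputation of each address before deploying them.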

Targets

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Emotet payload

      Detects Emotet payload in memory.

    • Executes dropped EXE

    • Drops file in System32 directory
