emotet

General

Target

da2617b92898bad53a65c4426097ad41_JaffaCakes118
Size

628KB
Sample

240911-mjeycavfjk
MD5

da2617b92898bad53a65c4426097ad41
SHA1

c96dad16a22291b5823b2b7d18dc9cc9245bf2df
SHA256

2e7b0c20a67a0a13b279780a65cc73a830627962ab6aed5e303bdccabbb8e418
SHA512

a910990086309249c41091aefab5b39c7033d6e5304c339060f6320c75ec207bd10519cd0fe0633bc2dd5460e18c615790227d9d5bb40ca6a64a9ecd4176e749
SSDEEP

6144:pY2xoyldr35tkAR+n1bCwxgwaDXxz3j6R+uSHQ95dIDrTsOfg1oCXXm5iRDamAR4:pY2Oyldh+nBCDDXDC5y31QoiKiRG9W

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

96.227.52.8:443

51.38.124.206:80

82.196.15.205:8080

38.88.126.202:8080

190.2.31.172:80

110.142.219.51:80

72.167.223.217:8080

138.97.60.141:7080

50.28.51.143:8080

5.189.178.202:8080

192.241.146.84:8080

190.195.129.227:8090

190.24.243.186:80

220.109.145.69:80

77.90.136.129:8080

185.178.10.77:80

94.176.234.118:443

178.250.54.208:8080

74.58.215.226:80

186.103.141.250:443

rsa_pubkey.plain

Targets

- Target
  
  da2617b92898bad53a65c4426097ad41_JaffaCakes118
- Size
  
  628KB
- MD5
  
  da2617b92898bad53a65c4426097ad41
- SHA1
  
  c96dad16a22291b5823b2b7d18dc9cc9245bf2df
- SHA256
  
  2e7b0c20a67a0a13b279780a65cc73a830627962ab6aed5e303bdccabbb8e418
- SHA512
  
  a910990086309249c41091aefab5b39c7033d6e5304c339060f6320c75ec207bd10519cd0fe0633bc2dd5460e18c615790227d9d5bb40ca6a64a9ecd4176e749
- SSDEEP
  
  6144:pY2xoyldr35tkAR+n1bCwxgwaDXxz3j6R+uSHQ95dIDrTsOfg1oCXXm5iRDamAR4:pY2Oyldh+nBCDDXDC5y31QoiKiRG9W
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2