emotet

General

Target

e19489fce107a0bfe7e74071655c85af_JaffaCakes118
Size

440KB
Sample

240915-djgmhasfjp
MD5

e19489fce107a0bfe7e74071655c85af
SHA1

9ef0c836ad3841970f3d413c5b15cf6371ebf49e
SHA256

8076f8f2ff1f8d79f0ba17c28f3747da28b197111c3f7195b60a371385b7a550
SHA512

10dae2c2c1aea7d54fe91733ab01d72d5a7a2f2d08d9698269e4e11cd013b844b2261bd7e54fdf8204c45fa8b816202b9957606186ece9da5ea315866df56d2f
SSDEEP

6144:yAXzR+WZrBP1t+lPd5VgD/WOSZ5+PB62PKa9vWgVwXD/IqU61t+y+q:yyzrUPd8/W/Z50rujx1t+y+q

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

110.142.161.90:80

189.225.211.171:443

187.74.69.152:8080

172.105.213.30:80

69.30.205.162:7080

50.63.13.135:8080

192.161.190.171:8080

210.111.160.220:80

41.218.118.66:80

60.53.3.153:8080

83.110.107.243:443

142.93.87.198:8080

211.218.105.101:80

78.46.87.133:8080

187.233.220.93:443

103.122.75.218:80

177.103.201.23:80

162.144.46.90:8080

186.215.101.106:80

176.58.93.123:80

rsa_pubkey.plain

Targets

- Target
  
  e19489fce107a0bfe7e74071655c85af_JaffaCakes118
- Size
  
  440KB
- MD5
  
  e19489fce107a0bfe7e74071655c85af
- SHA1
  
  9ef0c836ad3841970f3d413c5b15cf6371ebf49e
- SHA256
  
  8076f8f2ff1f8d79f0ba17c28f3747da28b197111c3f7195b60a371385b7a550
- SHA512
  
  10dae2c2c1aea7d54fe91733ab01d72d5a7a2f2d08d9698269e4e11cd013b844b2261bd7e54fdf8204c45fa8b816202b9957606186ece9da5ea315866df56d2f
- SSDEEP
  
  6144:yAXzR+WZrBP1t+lPd5VgD/WOSZ5+PB62PKa9vWgVwXD/IqU61t+y+q:yyzrUPd8/W/Z50rujx1t+y+q
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2