emotet

General

Target

e3f639051f9d7e411beb30d09a94adb4_JaffaCakes118
Size

272KB
Sample

240916-eaqdqaxejg
MD5

e3f639051f9d7e411beb30d09a94adb4
SHA1

a9bc5020bb8c777709b278c36e3d7eb5eb21b9e5
SHA256

11f2c5474cae37d434a8c66e8c7fef6430cdac153501aa654a1aa496d61f090b
SHA512

f7f25d3582a001edffdb4b0379b85e66e684db7e35f826639ee4d6cd4987a2828c5f6d9328952402ed2fa9807446712759b1e0a51b8bf28428c340ffa2d22cef
SSDEEP

6144:kf00dcXhVqo9bdXltxg+iPHR27xVaXqg6QWnGD:kJS9BXh6qkXq/E

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

12.163.208.58:80

45.33.35.74:8080

87.106.253.248:8080

192.241.146.84:8080

190.115.18.139:8080

65.36.62.20:80

170.81.48.2:80

83.169.21.32:7080

185.232.182.218:80

190.2.31.172:80

77.106.157.34:8080

82.230.1.24:80

202.4.58.197:80

201.213.177.139:80

78.249.119.122:80

123.51.47.18:80

77.90.136.129:8080

60.93.23.51:80

152.169.22.67:80

190.117.79.209:80

rsa_pubkey.plain

Targets

- Target
  
  e3f639051f9d7e411beb30d09a94adb4_JaffaCakes118
- Size
  
  272KB
- MD5
  
  e3f639051f9d7e411beb30d09a94adb4
- SHA1
  
  a9bc5020bb8c777709b278c36e3d7eb5eb21b9e5
- SHA256
  
  11f2c5474cae37d434a8c66e8c7fef6430cdac153501aa654a1aa496d61f090b
- SHA512
  
  f7f25d3582a001edffdb4b0379b85e66e684db7e35f826639ee4d6cd4987a2828c5f6d9328952402ed2fa9807446712759b1e0a51b8bf28428c340ffa2d22cef
- SSDEEP
  
  6144:kf00dcXhVqo9bdXltxg+iPHR27xVaXqg6QWnGD:kJS9BXh6qkXq/E
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2