emotet

General

Target

e7d098969a845f3b7f7674a4dc328abb_JaffaCakes118
Size

608KB
Sample

240917-2bjc5aybqm
MD5

e7d098969a845f3b7f7674a4dc328abb
SHA1

8d3251cad5bd69fdb1a4f17ee2f52d9056caa3ae
SHA256

ddecacbbb1f58ccee7d1590fe0bf717c847fb75bd8ddf606927cfb2ea418dcd4
SHA512

c584a95522f0f82cffe09a4168a9482fbccf54e08647726088abaea23bb8e66d2fed37c32e2f347e2421ba6dcfcf25ef24dc605e73ca8d89fb938b174b68f577
SSDEEP

3072:WLp9b94eorwmOgroAjVd1nut+uV2mTVDjFwkWl176jZ1hCagdQvPW5x3pLVtZM:g9b9SOgRVdRQ/vqkg1gEagdQH8LVta

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

189.253.27.123:465

181.47.235.26:993

203.99.188.203:990

70.32.94.58:8080

213.138.100.98:8080

144.76.62.10:8080

70.45.30.28:80

51.38.134.203:8080

93.78.205.196:443

203.99.182.135:443

181.97.70.132:8080

95.216.207.86:7080

113.52.135.33:7080

216.70.88.55:8080

125.99.61.162:7080

212.112.113.235:80

78.109.34.178:443

138.197.140.163:8080

83.169.33.157:8080

94.177.253.126:80

rsa_pubkey.plain

Targets

- Target
  
  e7d098969a845f3b7f7674a4dc328abb_JaffaCakes118
- Size
  
  608KB
- MD5
  
  e7d098969a845f3b7f7674a4dc328abb
- SHA1
  
  8d3251cad5bd69fdb1a4f17ee2f52d9056caa3ae
- SHA256
  
  ddecacbbb1f58ccee7d1590fe0bf717c847fb75bd8ddf606927cfb2ea418dcd4
- SHA512
  
  c584a95522f0f82cffe09a4168a9482fbccf54e08647726088abaea23bb8e66d2fed37c32e2f347e2421ba6dcfcf25ef24dc605e73ca8d89fb938b174b68f577
- SSDEEP
  
  3072:WLp9b94eorwmOgroAjVd1nut+uV2mTVDjFwkWl176jZ1hCagdQvPW5x3pLVtZM:g9b9SOgRVdRQ/vqkg1gEagdQH8LVta
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2