emotet

General

Target

e85ab650212ff6c0135f1cd583a176fd_JaffaCakes118
Size

95KB
Sample

240918-fcy93steql
MD5

e85ab650212ff6c0135f1cd583a176fd
SHA1

4304d8d78b016185867c523395f896f17505647a
SHA256

b34821fb9ea82c09dfe9316af65e2a4598fc239359bb8e33e42d81b07d675fcd
SHA512

58d961ad576d127aab6709a21a51f76b685e1863ddfbd6ac77f2e4ad6df3174422f16d618647d09a52bf45512a91208e2d97126ef329e24ea9baa17bc901a967
SSDEEP

1536:L4ay5eVyitXhOCkZwmOlKOoa47iBpi9MpvmK+ES6hpFzH23FUVXm6X8:Ma+KzVsCkZlOlKOoaaYvmK+EnNQFeX8

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

49.243.9.118:80

167.71.227.113:8080

190.85.46.52:7080

162.144.42.60:8080

86.57.216.23:80

202.166.170.43:80

118.243.83.70:80

36.91.44.183:80

118.33.121.37:80

116.202.10.123:8080

113.193.239.51:443

169.1.211.133:80

192.163.221.191:8080

115.79.59.157:80

51.38.201.19:7080

45.177.120.37:8080

190.194.12.132:80

185.80.172.199:80

128.106.187.110:80

73.55.128.120:80

rsa_pubkey.plain

Targets

- Target
  
  e85ab650212ff6c0135f1cd583a176fd_JaffaCakes118
- Size
  
  95KB
- MD5
  
  e85ab650212ff6c0135f1cd583a176fd
- SHA1
  
  4304d8d78b016185867c523395f896f17505647a
- SHA256
  
  b34821fb9ea82c09dfe9316af65e2a4598fc239359bb8e33e42d81b07d675fcd
- SHA512
  
  58d961ad576d127aab6709a21a51f76b685e1863ddfbd6ac77f2e4ad6df3174422f16d618647d09a52bf45512a91208e2d97126ef329e24ea9baa17bc901a967
- SSDEEP
  
  1536:L4ay5eVyitXhOCkZwmOlKOoa47iBpi9MpvmK+ES6hpFzH23FUVXm6X8:Ma+KzVsCkZlOlKOoaaYvmK+EnNQFeX8
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2