emotet

General

Target

eb5094c9b19a94c9169175f7f12ce661_JaffaCakes118
Size

272KB
Sample

240919-pft9zaxfpe
MD5

eb5094c9b19a94c9169175f7f12ce661
SHA1

7628389c38a3fedc3385ac7c23597cc5e0ad58f5
SHA256

66ebf3a6ad05e989a0c1a461811be71ec4e46dd99d9aa950329c5a3a7475338a
SHA512

625c63dbcccf4cc2bc71af012a887b24cef249adddb796535f051621e037a67b88a608a5675fa0ce11377099d588b56e6a23fad668a78568b2c0cf51da341165
SSDEEP

6144:ADC5yQfvp9e4YbTaPnEu/+6i5j0RgmJWIafGX40T:oCBfvLoaPDHi2JgfOn

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

118.110.236.121:8080

149.202.5.139:443

153.92.4.96:8080

51.75.163.68:7080

143.95.101.72:8080

190.225.150.234:80

186.227.146.102:80

181.137.229.1:80

175.29.183.2:80

77.74.78.80:443

175.139.144.229:8080

222.159.240.58:80

190.55.186.229:80

190.190.15.20:80

157.245.138.101:7080

46.32.229.152:8080

195.201.56.70:8080

198.57.203.63:8080

157.7.164.178:8081

189.39.32.161:80

rsa_pubkey.plain

1
-----BEGIN PUBLIC KEY-----
2
MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAM/TXLLvX91I6dVMYe+T1PPO6mpcg7OJ
3
cMl9o/g4nUhZOp8fAAmQl8XMXeGvDhZXTyX1AXf401iPFui0RB6glhl/7/djvi7j
4
l32lAhyBANpKGty8xf3J5kGwwClnG/CXHQIDAQAB
5
-----END PUBLIC KEY-----

Targets

- Target
  
  eb5094c9b19a94c9169175f7f12ce661_JaffaCakes118
- Size
  
  272KB
- MD5
  
  eb5094c9b19a94c9169175f7f12ce661
- SHA1
  
  7628389c38a3fedc3385ac7c23597cc5e0ad58f5
- SHA256
  
  66ebf3a6ad05e989a0c1a461811be71ec4e46dd99d9aa950329c5a3a7475338a
- SHA512
  
  625c63dbcccf4cc2bc71af012a887b24cef249adddb796535f051621e037a67b88a608a5675fa0ce11377099d588b56e6a23fad668a78568b2c0cf51da341165
- SSDEEP
  
  6144:ADC5yQfvp9e4YbTaPnEu/+6i5j0RgmJWIafGX40T:oCBfvLoaPDHi2JgfOn
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.