emotet

General

Target

eb8910ce3b748b9aa6f59677f7079360_JaffaCakes118
Size

212KB
Sample

240919-rw2p4atbnh
MD5

eb8910ce3b748b9aa6f59677f7079360
SHA1

e013652ee9b5c6ff4fff07535c00eae64d68908c
SHA256

9a3367d0e46ad62973381a7fc2c301addc8c19fcd4ed98179efbb19e9e3855b8
SHA512

4f79af7e69f4346a6e68a0d5da9e545d1cedd89ea2a1524413a325f5df91f9809598b4fe03e6cd70afaa078e5fcec8c3be777832861b8cfa1ec6f54ab0bccead
SSDEEP

6144:NKdlKfKV7SI9wolCcW3AD4amQd9t+qyly:rf8ZwolCNaxA5y

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

49.243.9.118:80

167.71.227.113:8080

190.85.46.52:7080

162.144.42.60:8080

86.57.216.23:80

202.166.170.43:80

118.243.83.70:80

36.91.44.183:80

118.33.121.37:80

116.202.10.123:8080

113.193.239.51:443

169.1.211.133:80

192.163.221.191:8080

115.79.59.157:80

51.38.201.19:7080

45.177.120.37:8080

190.194.12.132:80

185.80.172.199:80

128.106.187.110:80

73.55.128.120:80

rsa_pubkey.plain

Targets

- Target
  
  eb8910ce3b748b9aa6f59677f7079360_JaffaCakes118
- Size
  
  212KB
- MD5
  
  eb8910ce3b748b9aa6f59677f7079360
- SHA1
  
  e013652ee9b5c6ff4fff07535c00eae64d68908c
- SHA256
  
  9a3367d0e46ad62973381a7fc2c301addc8c19fcd4ed98179efbb19e9e3855b8
- SHA512
  
  4f79af7e69f4346a6e68a0d5da9e545d1cedd89ea2a1524413a325f5df91f9809598b4fe03e6cd70afaa078e5fcec8c3be777832861b8cfa1ec6f54ab0bccead
- SSDEEP
  
  6144:NKdlKfKV7SI9wolCcW3AD4amQd9t+qyly:rf8ZwolCNaxA5y
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2