emotet

General

Target

ffe0aaa5a58e9e2732dfcf21954cc34a_JaffaCakes118
Size

644KB
Sample

240930-d41k4szgqe
MD5

ffe0aaa5a58e9e2732dfcf21954cc34a
SHA1

8819cd5ee0547d6186837ae7b2c006e21e47e76d
SHA256

7e6424b06803d1827a54cebfe837aeb14cf9b52f9e04b8ae0ec3cbd0e1cc314a
SHA512

30a57d6277f57a639f3742bc7665b48cf21cd73804180422df725106cbc008fb24e895c358faff96d3e17ede9a34b99726e0b8e7d96c120e35ad7595a03d0292
SSDEEP

6144:SWL5bs/xDPi1acqBcDd0SnawIDinG/sHuyts3s4AlLkInTH2I3ChtRflGLEh2Heg:9tbsIacruwRTHuSDtkGTvUjEEEVreD

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

190.93.210.113:80

165.100.148.200:8080

197.94.32.129:8080

45.79.75.232:8080

124.150.175.133:80

164.68.115.146:8080

5.189.148.98:8080

58.93.151.148:80

186.84.173.136:8080

37.70.131.107:80

66.229.161.86:443

188.230.134.205:80

95.216.212.157:8080

189.61.200.9:443

50.116.78.109:8080

23.253.207.142:8080

86.6.123.109:80

190.5.162.204:80

187.250.92.82:80

113.52.135.33:7080

rsa_pubkey.plain

Targets

- Target
  
  ffe0aaa5a58e9e2732dfcf21954cc34a_JaffaCakes118
- Size
  
  644KB
- MD5
  
  ffe0aaa5a58e9e2732dfcf21954cc34a
- SHA1
  
  8819cd5ee0547d6186837ae7b2c006e21e47e76d
- SHA256
  
  7e6424b06803d1827a54cebfe837aeb14cf9b52f9e04b8ae0ec3cbd0e1cc314a
- SHA512
  
  30a57d6277f57a639f3742bc7665b48cf21cd73804180422df725106cbc008fb24e895c358faff96d3e17ede9a34b99726e0b8e7d96c120e35ad7595a03d0292
- SSDEEP
  
  6144:SWL5bs/xDPi1acqBcDd0SnawIDinG/sHuyts3s4AlLkInTH2I3ChtRflGLEh2Heg:9tbsIacruwRTHuSDtkGTvUjEEEVreD
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2