emotet

General

Target

JaffaCakes118_2b685416bd25fa1ee8964909e15eb7d823119d4c970b951005369f78627f85aa
Size

892KB
Sample

241222-bg4yxaxjew
MD5

73c678ab4665d0f76185b238ab73dc06
SHA1

9a11650123fff20468a1a296b94d73bf23a4cd12
SHA256

2b685416bd25fa1ee8964909e15eb7d823119d4c970b951005369f78627f85aa
SHA512

2193d3deae2ea21a4bf01d38713d0c1018d7e04371882750358b529e304bc7e4412059d363ce1f1c5a56f8308eea45d69351285e066fd0a3126c36a7ec853384
SSDEEP

12288:Dxn1BXbDf5Ss1Opjjy+MdMhzp4t9ma6JXGwmM:lbFFOpXy+MRt9OXGwmM

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

201.235.10.215:80

198.57.203.63:8080

163.172.107.70:8080

172.105.78.244:8080

107.161.30.122:8080

203.153.216.182:7080

37.46.129.215:8080

201.214.108.231:80

178.33.167.120:8080

181.113.229.139:443

192.210.217.94:8080

24.157.25.203:80

94.96.60.191:80

157.7.164.178:8081

75.127.14.170:8080

189.146.1.78:443

190.164.75.175:80

192.241.220.183:8080

190.55.233.156:80

91.83.93.103:443

rsa_pubkey.plain

Targets

- Target
  
  JaffaCakes118_2b685416bd25fa1ee8964909e15eb7d823119d4c970b951005369f78627f85aa
- Size
  
  892KB
- MD5
  
  73c678ab4665d0f76185b238ab73dc06
- SHA1
  
  9a11650123fff20468a1a296b94d73bf23a4cd12
- SHA256
  
  2b685416bd25fa1ee8964909e15eb7d823119d4c970b951005369f78627f85aa
- SHA512
  
  2193d3deae2ea21a4bf01d38713d0c1018d7e04371882750358b529e304bc7e4412059d363ce1f1c5a56f8308eea45d69351285e066fd0a3126c36a7ec853384
- SSDEEP
  
  12288:Dxn1BXbDf5Ss1Opjjy+MdMhzp4t9ma6JXGwmM:lbFFOpXy+MRt9OXGwmM
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2