emotet

General

Target

JaffaCakes118_eea0693fcd14bfed50e429eb8bb8ddee10536255a43d41538d7e7f0af7f48891
Size

336KB
Sample

241224-3kyd3s1lbp
MD5

02afb840e9aae8c1788f58cd7e06e84f
SHA1

71bd1e4028175056207ac0028669225e62394be3
SHA256

eea0693fcd14bfed50e429eb8bb8ddee10536255a43d41538d7e7f0af7f48891
SHA512

e8f6b2814efbae5357dee3fffe6148d4d3005f85473a9e1936fee96cd0b84a024b069b44268e108bcef680ca1e6643baf2656f19f8b3dbf9ce699e122ae9d629
SSDEEP

6144:Sr7hkhUeL5b+ZTTTBx+Dqn9iin9dgn9BvirtToOGtT4Px47:SnwL8TTTBx+Dqn9iin9dgn9BvitGe5w

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

177.130.51.198:80

91.121.87.90:8080

104.131.144.215:8080

188.226.165.170:8080

2.58.16.86:8080

79.133.6.236:8080

125.200.20.233:80

109.206.139.119:80

188.40.170.197:80

121.117.147.153:443

221.147.142.214:80

88.247.58.26:80

37.205.9.252:7080

213.165.178.214:80

27.83.209.210:443

24.231.51.190:80

192.210.217.94:8080

123.216.134.52:80

179.5.118.12:80

103.80.51.61:8080

rsa_pubkey.plain

1
-----BEGIN PUBLIC KEY-----
2
MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAM/TXLLvX91I6dVMYe+T1PPO6mpcg7OJ
3
cMl9o/g4nUhZOp8fAAmQl8XMXeGvDhZXTyX1AXf401iPFui0RB6glhl/7/djvi7j
4
l32lAhyBANpKGty8xf3J5kGwwClnG/CXHQIDAQAB
5
-----END PUBLIC KEY-----

Targets

- Target
  
  JaffaCakes118_eea0693fcd14bfed50e429eb8bb8ddee10536255a43d41538d7e7f0af7f48891
- Size
  
  336KB
- MD5
  
  02afb840e9aae8c1788f58cd7e06e84f
- SHA1
  
  71bd1e4028175056207ac0028669225e62394be3
- SHA256
  
  eea0693fcd14bfed50e429eb8bb8ddee10536255a43d41538d7e7f0af7f48891
- SHA512
  
  e8f6b2814efbae5357dee3fffe6148d4d3005f85473a9e1936fee96cd0b84a024b069b44268e108bcef680ca1e6643baf2656f19f8b3dbf9ce699e122ae9d629
- SSDEEP
  
  6144:Sr7hkhUeL5b+ZTTTBx+Dqn9iin9dgn9BvirtToOGtT4Px47:SnwL8TTTBx+Dqn9iin9dgn9BvitGe5w
Score

10^/10

discovery emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.