emotet

General

Target

JaffaCakes118_77d3b8e729053df5bac491825b909767299550bc37ba0ebd4ae6b4bed49b7625
Size

341KB
Sample

241229-amfmtswmhz
MD5

aa34241f21c442955d1fe58710214024
SHA1

27fe10b66e9abd08c757fea810dc77de1e44c046
SHA256

77d3b8e729053df5bac491825b909767299550bc37ba0ebd4ae6b4bed49b7625
SHA512

3f2187668c886f170ba1231c9fe306aba870d6fb6a3a32f40b17ad62c2f938127d3939ede74b3fbb230e4cf12f30e3f7ea106a354126c6e9061cb6c122152e97
SSDEEP

6144:VaKGFRDWxCvoqDV8ZGU9Li0VBh0XjjLsLZCj8Hqd0u4LLF:4W1qGZbLV+gC4H11

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

173.68.199.157:80

59.148.253.194:8080

173.212.197.71:8080

98.103.204.12:443

2.45.176.233:80

45.33.77.42:8080

181.58.181.9:80

219.92.13.25:80

12.163.208.58:80

2.85.9.41:8080

172.104.169.32:8080

149.202.72.142:7080

189.223.16.99:80

216.47.196.104:80

191.97.154.2:80

213.197.182.158:8080

94.176.234.118:443

46.105.114.137:8080

177.144.130.105:8080

174.118.202.24:443

rsa_pubkey.plain

1
-----BEGIN PUBLIC KEY-----
2
MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAOZ9fLJ8UrI0OZURpPsR3eijAyfPj3z6
3
uS75f2igmYFW2aWgNcFIzsAYQleKzD0nlCFHOo7Zf8/4wY2UW0CJ4dJEHnE/PHlz
4
6uNk3pxjm7o4eCDyiJbzf+k0Azjl0q54FQIDAQAB
5
-----END PUBLIC KEY-----

Targets

- Target
  
  JaffaCakes118_77d3b8e729053df5bac491825b909767299550bc37ba0ebd4ae6b4bed49b7625
- Size
  
  341KB
- MD5
  
  aa34241f21c442955d1fe58710214024
- SHA1
  
  27fe10b66e9abd08c757fea810dc77de1e44c046
- SHA256
  
  77d3b8e729053df5bac491825b909767299550bc37ba0ebd4ae6b4bed49b7625
- SHA512
  
  3f2187668c886f170ba1231c9fe306aba870d6fb6a3a32f40b17ad62c2f938127d3939ede74b3fbb230e4cf12f30e3f7ea106a354126c6e9061cb6c122152e97
- SSDEEP
  
  6144:VaKGFRDWxCvoqDV8ZGU9Li0VBh0XjjLsLZCj8Hqd0u4LLF:4W1qGZbLV+gC4H11
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.