emotet

General

Target

JaffaCakes118_0aa547692fdd09bc2b8633b51bfc1d816d3b9500e122b84fd37b7c973e54699d
Size

308KB
Sample

241229-dz2bva1naq
MD5

a85af478b90fc743fa2070abd55015c0
SHA1

b86130397cfc65ef6bc886a254944c1249952da2
SHA256

0aa547692fdd09bc2b8633b51bfc1d816d3b9500e122b84fd37b7c973e54699d
SHA512

c3a6225b4b1a63690465a324b40e2c8e5075a070d3f68823a90f8313dc8a7814bd02aa4f144b423b3acf4838369299ef85e44294234f79f8a5e6bca605b839a7
SSDEEP

6144:TqfI2dK4las/gMXzGnZq/TVbY7/qyPoNIZAFJi:TqfIJ4lxgMXyUFskIiW

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

70.121.172.89:80

116.202.234.183:8080

69.30.203.214:8080

185.94.252.104:443

64.183.73.122:80

190.55.181.54:443

37.70.8.161:80

174.137.65.18:80

203.153.216.189:7080

109.116.214.124:443

93.51.50.171:8080

190.160.53.126:80

222.214.218.37:4143

87.106.136.232:8080

113.160.130.116:8443

174.102.48.180:80

79.98.24.39:8080

189.212.199.126:443

89.186.91.200:443

24.233.112.152:80

rsa_pubkey.plain

Targets

- Target
  
  JaffaCakes118_0aa547692fdd09bc2b8633b51bfc1d816d3b9500e122b84fd37b7c973e54699d
- Size
  
  308KB
- MD5
  
  a85af478b90fc743fa2070abd55015c0
- SHA1
  
  b86130397cfc65ef6bc886a254944c1249952da2
- SHA256
  
  0aa547692fdd09bc2b8633b51bfc1d816d3b9500e122b84fd37b7c973e54699d
- SHA512
  
  c3a6225b4b1a63690465a324b40e2c8e5075a070d3f68823a90f8313dc8a7814bd02aa4f144b423b3acf4838369299ef85e44294234f79f8a5e6bca605b839a7
- SSDEEP
  
  6144:TqfI2dK4las/gMXzGnZq/TVbY7/qyPoNIZAFJi:TqfIJ4lxgMXyUFskIiW
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2