emotet

General

Target

JaffaCakes118_6fa73c0db16abfaaff3d5cb80d0ab4c7cc534b7bfd5780617555cce0b2386785
Size

108KB
Sample

241230-csveaavmap
MD5

391957b9a753ce89f0aa0495ea7d4f28
SHA1

2861f3950a26edeb5ce964133db754d13fa312e3
SHA256

6fa73c0db16abfaaff3d5cb80d0ab4c7cc534b7bfd5780617555cce0b2386785
SHA512

0f55d16cd3ab985d7ca345c5a730eddc5d0f1fc3d9e4271518528ab708fa3afe65b1957ed2e723e09654e86f61b91260822ac4bc0e7f779ffdc61af1296c55ad
SSDEEP

1536:ebqV8t0vNAoo4PBMJP2EHM9J3YYvM2iROs:ebqfPSP26MUYv75s

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

82.163.245.38:80

209.126.6.222:8080

5.153.250.14:8080

186.70.127.199:8090

190.128.173.10:80

190.195.129.227:8090

91.219.169.180:80

45.173.88.33:80

185.33.0.233:80

188.2.217.94:80

207.144.103.227:80

45.161.242.102:80

219.92.13.25:80

190.163.31.26:80

68.183.170.114:8080

191.99.160.58:80

73.213.208.163:80

94.176.234.118:443

104.131.41.185:8080

45.33.77.42:8080

rsa_pubkey.plain

Targets

- Target
  
  JaffaCakes118_6fa73c0db16abfaaff3d5cb80d0ab4c7cc534b7bfd5780617555cce0b2386785
- Size
  
  108KB
- MD5
  
  391957b9a753ce89f0aa0495ea7d4f28
- SHA1
  
  2861f3950a26edeb5ce964133db754d13fa312e3
- SHA256
  
  6fa73c0db16abfaaff3d5cb80d0ab4c7cc534b7bfd5780617555cce0b2386785
- SHA512
  
  0f55d16cd3ab985d7ca345c5a730eddc5d0f1fc3d9e4271518528ab708fa3afe65b1957ed2e723e09654e86f61b91260822ac4bc0e7f779ffdc61af1296c55ad
- SSDEEP
  
  1536:ebqV8t0vNAoo4PBMJP2EHM9J3YYvM2iROs:ebqfPSP26MUYv75s
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2