emotet

General

Target

JaffaCakes118_86cb2cb89c9bc9336b13966aaac89f835b5a0b8ce3acb99cb6414a7dac2bac01
Size

428KB
Sample

241230-dxcwgawpgs
MD5

c7397886d1320da0e5cea47ce55e72cc
SHA1

f1f030280900d9a2cc7d3555e8f94178ebb6cd68
SHA256

86cb2cb89c9bc9336b13966aaac89f835b5a0b8ce3acb99cb6414a7dac2bac01
SHA512

c869d1ded070513a786b5136d525ae1664eba30884b60d4f0aea64da2ad36b787fdf5ae280bd37fc5cd7367f801b544bb23b7fd1ff71c6e21027491a66532a20
SSDEEP

12288:t61KBnflNHOvmzIeCHv3/qJd60gmoP1jjv08/adpUu:t6wXCP3/qJd60gmoP1jjv08/ipUu

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

24.249.135.121:80

185.94.252.13:443

149.62.173.247:8080

50.28.51.143:8080

80.249.176.206:80

5.196.35.138:7080

190.17.195.202:80

143.0.87.101:80

190.147.137.153:443

181.30.69.50:80

51.255.165.160:8080

190.96.118.251:443

72.47.248.48:7080

178.79.163.131:8080

212.231.60.98:80

187.162.248.237:80

2.47.112.152:80

68.183.190.199:8080

192.241.143.52:8080

77.55.211.77:8080

rsa_pubkey.plain

Targets

- Target
  
  JaffaCakes118_86cb2cb89c9bc9336b13966aaac89f835b5a0b8ce3acb99cb6414a7dac2bac01
- Size
  
  428KB
- MD5
  
  c7397886d1320da0e5cea47ce55e72cc
- SHA1
  
  f1f030280900d9a2cc7d3555e8f94178ebb6cd68
- SHA256
  
  86cb2cb89c9bc9336b13966aaac89f835b5a0b8ce3acb99cb6414a7dac2bac01
- SHA512
  
  c869d1ded070513a786b5136d525ae1664eba30884b60d4f0aea64da2ad36b787fdf5ae280bd37fc5cd7367f801b544bb23b7fd1ff71c6e21027491a66532a20
- SSDEEP
  
  12288:t61KBnflNHOvmzIeCHv3/qJd60gmoP1jjv08/adpUu:t6wXCP3/qJd60gmoP1jjv08/ipUu
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2