emotet

General

Target

a8922e3851f388aef1c65db0b6154f24_JaffaCakes118
Size

327KB
Sample

240614-jjyhxavakr
MD5

a8922e3851f388aef1c65db0b6154f24
SHA1

ee33daf137e0a891d2fdaeb57ec8ee2b5630c7bd
SHA256

d9e3c84dddaf80c960a27eb3910b2bff95a2eb7b282433c2fd023a3abb7ede00
SHA512

f42d58740540d2eff6deed3bf7f59041b464c44aee8ae87de4bd31b02904a96ece909d717971e6f2f1a37e46242f0baff5c0b4b80e530a2383c1157df726439e
SSDEEP

6144:Etm2wPZvZsPvTjGauXXZzHC1nHaT7XVOk0fV2MtUD5fnIzoez+wR8s:r2vTqjC1nHI7KfQMtB+wz

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

192.158.216.73:80

85.214.28.226:8080

142.44.137.67:443

162.241.242.173:8080

85.152.162.105:80

62.30.7.67:443

78.24.219.147:8080

74.120.55.163:80

169.239.182.217:8080

216.208.76.186:80

95.213.236.64:8080

200.114.213.233:8080

104.131.44.150:8080

70.121.172.89:80

75.139.38.211:80

185.94.252.104:443

97.82.79.83:80

103.86.49.11:8080

79.98.24.39:8080

83.169.36.251:8080

rsa_pubkey.plain

Targets

- Target
  
  a8922e3851f388aef1c65db0b6154f24_JaffaCakes118
- Size
  
  327KB
- MD5
  
  a8922e3851f388aef1c65db0b6154f24
- SHA1
  
  ee33daf137e0a891d2fdaeb57ec8ee2b5630c7bd
- SHA256
  
  d9e3c84dddaf80c960a27eb3910b2bff95a2eb7b282433c2fd023a3abb7ede00
- SHA512
  
  f42d58740540d2eff6deed3bf7f59041b464c44aee8ae87de4bd31b02904a96ece909d717971e6f2f1a37e46242f0baff5c0b4b80e530a2383c1157df726439e
- SSDEEP
  
  6144:Etm2wPZvZsPvTjGauXXZzHC1nHaT7XVOk0fV2MtUD5fnIzoez+wR8s:r2vTqjC1nHI7KfQMtB+wz
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2