emotet

General

Target

aaeb79c60cc3358fb04545db76dac8cb_JaffaCakes118
Size

648KB
Sample

240614-v3hscatell
MD5

aaeb79c60cc3358fb04545db76dac8cb
SHA1

02a7a41f4088f5b0931985d4cef83e0793ed20a5
SHA256

b23028444d54d452f96f4df6cbb647c58a4d352fdd4558dd0d3debd215902327
SHA512

6c6e4c424de56055c5f87353c9fd0e8fe426e249538a64cff06d217019ed0669d9c48320f0f629bc1d6ff51fc3a59d2a40e186353993e3b69654e53cf5f39cb8
SSDEEP

12288:dVQmoAy1ZX7vVq98aeIwXclycHnZxTheCRplautGkFr:dVSAy11Ro83Mgc5xTheCEuj

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

189.159.113.125:8080

200.51.94.251:80

45.33.54.74:443

209.141.41.136:8080

185.94.252.13:443

186.75.241.230:80

201.251.43.69:8080

190.226.44.20:21

152.89.236.214:8080

80.11.163.139:443

124.240.198.66:80

94.205.247.10:80

27.147.163.188:8080

95.128.43.213:8080

217.160.182.191:8080

169.239.182.217:8080

103.39.131.88:80

178.79.161.166:443

182.176.132.213:8090

190.211.207.11:443

rsa_pubkey.plain

Targets

- Target
  
  aaeb79c60cc3358fb04545db76dac8cb_JaffaCakes118
- Size
  
  648KB
- MD5
  
  aaeb79c60cc3358fb04545db76dac8cb
- SHA1
  
  02a7a41f4088f5b0931985d4cef83e0793ed20a5
- SHA256
  
  b23028444d54d452f96f4df6cbb647c58a4d352fdd4558dd0d3debd215902327
- SHA512
  
  6c6e4c424de56055c5f87353c9fd0e8fe426e249538a64cff06d217019ed0669d9c48320f0f629bc1d6ff51fc3a59d2a40e186353993e3b69654e53cf5f39cb8
- SSDEEP
  
  12288:dVQmoAy1ZX7vVq98aeIwXclycHnZxTheCRplautGkFr:dVSAy11Ro83Mgc5xTheCEuj
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2