emotet

General

Target

add27cd5aa697b1f32f800789f71c9c2_JaffaCakes118
Size

336KB
Sample

240615-lp4m8azbjk
MD5

add27cd5aa697b1f32f800789f71c9c2
SHA1

fc1c626a0b3b2e6374dc6ed43d76392541ff7b2c
SHA256

184040912b37d8f4d94f70d5a135aab593a0257996b3baf96615e65e8fd3a53e
SHA512

ec235a1b2216e45b599f756cc1e772b6c892db2c65ed4f767ba2d4b587d9768dc4dbab7cc7146b5cc77ffdf132e0f077f3681b35022c636dd2f25e112f2c116a
SSDEEP

6144:H6RABINtOofnGFxg9930Rgr35LvHdv9cObVSa6frUnPxC:HyABIN8oIg9FP+OGYnPY

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

66.209.97.122:8080

174.77.190.137:8080

104.137.176.186:80

165.227.156.155:443

167.99.105.223:7080

67.225.179.64:8080

176.31.200.130:8080

5.196.74.210:8080

82.155.161.203:80

101.187.247.29:80

120.150.246.241:80

73.11.153.178:8080

91.205.215.66:443

70.46.247.81:80

24.93.212.32:80

139.130.241.252:443

70.175.171.251:80

217.160.182.191:8080

104.236.246.93:8080

98.24.231.64:80

rsa_pubkey.plain

Targets

- Target
  
  add27cd5aa697b1f32f800789f71c9c2_JaffaCakes118
- Size
  
  336KB
- MD5
  
  add27cd5aa697b1f32f800789f71c9c2
- SHA1
  
  fc1c626a0b3b2e6374dc6ed43d76392541ff7b2c
- SHA256
  
  184040912b37d8f4d94f70d5a135aab593a0257996b3baf96615e65e8fd3a53e
- SHA512
  
  ec235a1b2216e45b599f756cc1e772b6c892db2c65ed4f767ba2d4b587d9768dc4dbab7cc7146b5cc77ffdf132e0f077f3681b35022c636dd2f25e112f2c116a
- SSDEEP
  
  6144:H6RABINtOofnGFxg9930Rgr35LvHdv9cObVSa6frUnPxC:HyABIN8oIg9FP+OGYnPY
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2