emotet

General

Target

bc55b6fa9064c49a78c39a74975631f7_JaffaCakes118
Size

616KB
Sample

240618-rdwfcswhrd
MD5

bc55b6fa9064c49a78c39a74975631f7
SHA1

0a45a37281f607d04466617b9bd510367afd70a2
SHA256

7683f77bc1a06a34b324540abb000137f75f5e79990b0ea453978eb4a207828b
SHA512

3c7cb9866e6cb259df1ef8929ee6f96ee4288a95c30496887a8ac308c9ce17e9bc5bb492d566860b89654539fcd1e12f0943c53ec2182bdbe6938a3cf7633f6f
SSDEEP

6144:3NyMUE8JKsa4OQu+/Qj/3XonIgrOUP/h8HPcSpoS482U7l1NytEm:9ypE8JhOQu+IzYnI7Uk4820

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

72.69.99.47:80

190.5.162.204:80

123.142.37.165:80

50.63.13.135:8080

222.239.249.166:443

192.161.190.171:8080

80.93.48.49:7080

195.201.56.68:7080

181.44.166.242:80

161.18.233.114:80

51.38.134.203:8080

212.129.14.27:8080

172.90.70.168:443

45.129.121.222:443

189.180.105.125:443

186.66.224.182:990

122.11.164.183:80

138.197.140.163:8080

211.218.105.101:80

212.112.113.235:80

rsa_pubkey.plain

Targets

- Target
  
  bc55b6fa9064c49a78c39a74975631f7_JaffaCakes118
- Size
  
  616KB
- MD5
  
  bc55b6fa9064c49a78c39a74975631f7
- SHA1
  
  0a45a37281f607d04466617b9bd510367afd70a2
- SHA256
  
  7683f77bc1a06a34b324540abb000137f75f5e79990b0ea453978eb4a207828b
- SHA512
  
  3c7cb9866e6cb259df1ef8929ee6f96ee4288a95c30496887a8ac308c9ce17e9bc5bb492d566860b89654539fcd1e12f0943c53ec2182bdbe6938a3cf7633f6f
- SSDEEP
  
  6144:3NyMUE8JKsa4OQu+/Qj/3XonIgrOUP/h8HPcSpoS482U7l1NytEm:9ypE8JhOQu+IzYnI7Uk4820
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2