emotet

General

Target

bcf74e4a75330d517353ba7cb9a7e495_JaffaCakes118
Size

416KB
Sample

240618-vbjwbswdjq
MD5

bcf74e4a75330d517353ba7cb9a7e495
SHA1

07567be0f0a543b470071bfab9ef3975902531de
SHA256

dc61650bbcc6bc1f3400ed0867b2c219442f177bc8511d0a18468fff37121b1c
SHA512

b11f92d5aeb84e40bff193b013a98fcfa40d1fb76c0bd89f098713e7aec71bd6bf867f481d4e929c0ec604c63d37c7360769f6cb67d1da32188971ac1787102b
SSDEEP

6144:Bv15Q7bxPe4eZT6FamoY5raN/sebXOmGqj/sz9sXIA7jIIncDZRKmXt:Bv15ubZe4eZT6QtIaX1/sztAXctRKMt

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

187.188.166.192:80

181.197.2.80:443

200.90.86.170:8080

94.177.253.126:80

131.0.103.200:8080

70.32.94.58:8080

185.45.24.254:7080

212.112.113.235:80

157.7.164.178:8081

192.241.220.183:8080

203.99.188.203:990

190.117.206.153:443

120.138.101.250:80

91.109.5.28:8080

186.84.173.153:80

181.47.235.26:993

190.228.212.165:50000

75.154.163.1:8090

203.99.188.11:443

216.70.88.55:8080

rsa_pubkey.plain

Targets

- Target
  
  bcf74e4a75330d517353ba7cb9a7e495_JaffaCakes118
- Size
  
  416KB
- MD5
  
  bcf74e4a75330d517353ba7cb9a7e495
- SHA1
  
  07567be0f0a543b470071bfab9ef3975902531de
- SHA256
  
  dc61650bbcc6bc1f3400ed0867b2c219442f177bc8511d0a18468fff37121b1c
- SHA512
  
  b11f92d5aeb84e40bff193b013a98fcfa40d1fb76c0bd89f098713e7aec71bd6bf867f481d4e929c0ec604c63d37c7360769f6cb67d1da32188971ac1787102b
- SSDEEP
  
  6144:Bv15Q7bxPe4eZT6FamoY5raN/sebXOmGqj/sz9sXIA7jIIncDZRKmXt:Bv15ubZe4eZT6QtIaX1/sztAXctRKMt
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2