emotet

General

Target

0f1bad291775ba17f954bf5d46a66378_JaffaCakes118
Size

660KB
Sample

240625-w7tk3sycml
MD5

0f1bad291775ba17f954bf5d46a66378
SHA1

92b128682e2a025cff9b55eea982ef2323e97e58
SHA256

ea5c2320f12468ea939473e037f53e4e14a674820f36b3e86e9afa58bf63efef
SHA512

d2ac15f258f1702e0864ab8f398250f30b852dfa6ffa383d528c3670bb1744c38640d41e08fb1ee172cec86777e4ae88a5f102fdfa7f8abb8029417771986e8d
SSDEEP

6144:c8SpbDpqwF03JFhFB19koLgUKQFEexKBePm2QdjFKaW5Z8pwMOZSDQh:CpbDp1avFn9kmfaNgPm2wcZqOZSDC

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

186.1.41.111:443

189.136.50.227:443

80.240.141.141:7080

185.187.198.10:8080

178.249.187.151:8080

185.86.148.222:8080

187.199.158.226:7080

212.71.237.140:8080

91.83.93.124:7080

190.230.60.129:80

123.168.4.66:22

77.55.211.77:8080

139.5.237.27:443

50.28.51.143:8080

189.166.68.89:443

88.250.223.190:8080

81.169.140.14:443

187.188.166.192:80

46.163.144.228:80

181.36.42.205:443

rsa_pubkey.plain

Targets

- Target
  
  0f1bad291775ba17f954bf5d46a66378_JaffaCakes118
- Size
  
  660KB
- MD5
  
  0f1bad291775ba17f954bf5d46a66378
- SHA1
  
  92b128682e2a025cff9b55eea982ef2323e97e58
- SHA256
  
  ea5c2320f12468ea939473e037f53e4e14a674820f36b3e86e9afa58bf63efef
- SHA512
  
  d2ac15f258f1702e0864ab8f398250f30b852dfa6ffa383d528c3670bb1744c38640d41e08fb1ee172cec86777e4ae88a5f102fdfa7f8abb8029417771986e8d
- SSDEEP
  
  6144:c8SpbDpqwF03JFhFB19koLgUKQFEexKBePm2QdjFKaW5Z8pwMOZSDQh:CpbDp1avFn9kmfaNgPm2wcZqOZSDC
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2