Overview

overview

10

task1

 

10

task2

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ad1e36ae1480218dbdd5103f9c2d3a56a7b667a80fc9c7e15eb55918c1a20890

  • Size

    332KB

  • Sample

    191105-fx47d3617x

  • MD5

    1791d8acfb6fb4b09226872c741f82fd

  • SHA1

    f6f7ee22d0ba7effea1f9a0ff14226fa5cbb05b5

  • SHA256

    ad1e36ae1480218dbdd5103f9c2d3a56a7b667a80fc9c7e15eb55918c1a20890

  • SHA512

    03756eb1363171e6f980566fdda5a7f4ae91222f98c31cc2d0a58a3554f1207785ab0db0a3a711e377c2cdf5a26902444704aec98fa5776af66da0393c07206c

Score
10/10
emotetepoch2bankerfamilytrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

217.160.19.232:8080

192.241.220.155:8080

167.99.105.223:7080

176.31.200.130:8080

209.141.41.136:8080

105.228.98.115:443

200.71.148.138:8080

59.103.164.174:80

37.187.2.199:443

136.243.177.26:8080

103.39.131.88:80

78.24.219.147:8080

115.78.95.230:443

183.102.238.69:465

212.71.234.16:8080

87.106.136.232:8080

37.157.194.134:443

133.167.80.63:7080

181.31.213.158:8080

86.22.221.170:80
rsa_pubkey.plain

Targets

    • Target

      ad1e36ae1480218dbdd5103f9c2d3a56a7b667a80fc9c7e15eb55918c1a20890

    • Size

      332KB

    • MD5

      1791d8acfb6fb4b09226872c741f82fd

    • SHA1

      f6f7ee22d0ba7effea1f9a0ff14226fa5cbb05b5

    • SHA256

      ad1e36ae1480218dbdd5103f9c2d3a56a7b667a80fc9c7e15eb55918c1a20890

    • SHA512

      03756eb1363171e6f980566fdda5a7f4ae91222f98c31cc2d0a58a3554f1207785ab0db0a3a711e377c2cdf5a26902444704aec98fa5776af66da0393c07206c

    Score
    10/10
    trojanbankerfamilyemotet
    task1task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Disabling Security Tools

1
T1089

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks