Overview

overview

10

Static

static

wk2jt8o1x.bin.exe

windows7_x64

10

wk2jt8o1x.bin.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    wk2jt8o1x.bin

  • Size

    462KB

  • Sample

    200213-c3gdqtcb56

  • MD5

    425f35872003ee62983c0c0f1455be1c

  • SHA1

    320f4506d1b3c23d636b589cc5118d66613d0978

  • SHA256

    7d627999f40fd9c539410213828b168b11a7f16a04d6b0edc4b4f859ad65d2bc

  • SHA512

    75a9c4dda0f1023a85f3b683d58028caaa11fa8d67f5c37d512a2ac3e41899d751b392d8e2414411faa1d9455403737e79358415f9e0a1c0ac4f6d89dba5f23b

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

70.184.112.55:80

5.34.158.102:80

144.139.91.187:80

104.236.161.64:8080

89.19.20.202:443

12.162.84.2:8080

74.50.51.115:7080

172.104.169.32:8080

177.188.121.26:443

89.32.150.160:8080

177.103.159.44:80

87.106.46.107:8080

188.135.15.49:80

31.16.195.72:80

119.59.124.163:8080

113.190.254.245:80

77.55.211.77:8080

187.54.225.76:80

200.45.187.90:80

5.196.35.138:7080
rsa_pubkey.plain

Targets

    • Target

      wk2jt8o1x.bin

    • Size

      462KB

    • MD5

      425f35872003ee62983c0c0f1455be1c

    • SHA1

      320f4506d1b3c23d636b589cc5118d66613d0978

    • SHA256

      7d627999f40fd9c539410213828b168b11a7f16a04d6b0edc4b4f859ad65d2bc

    • SHA512

      75a9c4dda0f1023a85f3b683d58028caaa11fa8d67f5c37d512a2ac3e41899d751b392d8e2414411faa1d9455403737e79358415f9e0a1c0ac4f6d89dba5f23b

    Score
    10/10
    trojanbankeremotet

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks