Overview

overview

10

Static

static

ca99237141...20.exe

windows7_x64

10

ca99237141...20.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca99237141adccc8fd96c83d1d2d50f0b674091924cc3dbfd4c8f88d73f69320

  • Size

    480KB

  • Sample

    200215-g8atg8mpl2

  • MD5

    6fe72cbad711adff42f76f9b67d1ff5b

  • SHA1

    370adcdb1de9e8a4abff392eb819f07167275c50

  • SHA256

    ca99237141adccc8fd96c83d1d2d50f0b674091924cc3dbfd4c8f88d73f69320

  • SHA512

    0a2255c002b7c5f7c0f61c7f7900d4f3f0d16d62d70cac7e962b502e9ef3ed3452b2c336fbd5b76aaf7e24fffd39e7c590d11df8c92273ccea97e83b6caa7583

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

172.221.229.86:80

187.190.47.173:80

91.236.4.234:443

45.118.133.154:7080

186.68.48.204:443

110.145.124.178:443

68.183.170.114:8080

200.123.183.137:443

186.15.52.123:80

94.200.126.42:80

207.154.204.40:8080

189.180.84.98:443

200.45.187.90:80

91.83.93.124:7080

152.231.89.226:80

175.139.209.3:8080

216.195.168.93:80

139.47.135.215:80

175.114.178.83:443

139.162.118.88:8080
rsa_pubkey.plain

Targets

    • Target

      ca99237141adccc8fd96c83d1d2d50f0b674091924cc3dbfd4c8f88d73f69320

    • Size

      480KB

    • MD5

      6fe72cbad711adff42f76f9b67d1ff5b

    • SHA1

      370adcdb1de9e8a4abff392eb819f07167275c50

    • SHA256

      ca99237141adccc8fd96c83d1d2d50f0b674091924cc3dbfd4c8f88d73f69320

    • SHA512

      0a2255c002b7c5f7c0f61c7f7900d4f3f0d16d62d70cac7e962b502e9ef3ed3452b2c336fbd5b76aaf7e24fffd39e7c590d11df8c92273ccea97e83b6caa7583

    Score
    10/10
    trojanbankeremotet

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks