Overview

overview

10

Static

static

wlandlg.bin.exe

windows7_x64

10

wlandlg.bin.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    wlandlg.bin

  • Size

    692KB

  • Sample

    200710-z392rh4nas

  • MD5

    2709b1cb95453bfd6a2570ba336cd4b3

  • SHA1

    15c0cc33f2e6cf69ecb8aae335c61b5147909d1b

  • SHA256

    b74507b01e19be7d2be37748643fa21868953c384f01c4ebda0f3c675b347736

  • SHA512

    dad56e7be4373411efc0b35395ba522db5dce7ef696136bf2835f60d29ab2844e934131813add7f3247c7d5adfe6cbed7689a207ef0e10198803cb7745f71aa1

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

181.120.79.227:80

91.236.4.234:443

190.17.195.202:80

104.131.103.37:8080

190.147.137.153:443

186.3.232.68:80

190.163.1.31:8080

143.0.87.101:80

70.32.115.157:8080

177.66.190.130:80

82.196.15.205:8080

77.90.136.129:8080

175.114.178.83:443

46.28.111.142:7080

94.176.234.118:443

114.109.179.60:80

70.32.84.74:8080

172.104.169.32:8080

113.190.254.245:80

81.169.202.3:443
rsa_pubkey.plain

Targets

    • Target

      wlandlg.bin

    • Size

      692KB

    • MD5

      2709b1cb95453bfd6a2570ba336cd4b3

    • SHA1

      15c0cc33f2e6cf69ecb8aae335c61b5147909d1b

    • SHA256

      b74507b01e19be7d2be37748643fa21868953c384f01c4ebda0f3c675b347736

    • SHA512

      dad56e7be4373411efc0b35395ba522db5dce7ef696136bf2835f60d29ab2844e934131813add7f3247c7d5adfe6cbed7689a207ef0e10198803cb7745f71aa1

    Score
    10/10
    trojanbankeremotet

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks