Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

emotet_pe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    53543c4e067429ef1855f883b1a455450c4e4215484bc18c8f1a43b10cdd1829

  • Size

    668KB

  • Sample

    200729-f1kwngvgg2

  • MD5

    15f3862532be14973079209b608f73ce

  • SHA1

    20a8e5775c7fd07fc8274e306066f3a9a4318002

  • SHA256

    53543c4e067429ef1855f883b1a455450c4e4215484bc18c8f1a43b10cdd1829

  • SHA512

    f9f82b088b7ae2916c1dad262da7f12b0cb247fbd25ce1f6c9bb43689cc808fc4cfd7099a9a5ed8a6ffb93c2b91195a5db69f86706c4ad76edfec73dad28cf80

Score
10/10
emotetepoch2bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

76.27.179.47:80

212.51.142.238:8080

189.212.199.126:443

61.19.246.238:443

162.154.38.103:80

91.211.88.52:7080

83.110.223.58:443

124.45.106.173:443

116.203.32.252:8080

109.117.53.230:443

5.196.74.210:8080

75.139.38.211:80

168.235.67.138:7080

176.111.60.55:8080

169.239.182.217:8080

74.208.45.104:8080

31.31.77.83:443

222.214.218.37:4143

37.139.21.175:8080

91.205.215.66:443
rsa_pubkey.plain

Targets

    • Target

      53543c4e067429ef1855f883b1a455450c4e4215484bc18c8f1a43b10cdd1829

    • Size

      668KB

    • MD5

      15f3862532be14973079209b608f73ce

    • SHA1

      20a8e5775c7fd07fc8274e306066f3a9a4318002

    • SHA256

      53543c4e067429ef1855f883b1a455450c4e4215484bc18c8f1a43b10cdd1829

    • SHA512

      f9f82b088b7ae2916c1dad262da7f12b0cb247fbd25ce1f6c9bb43689cc808fc4cfd7099a9a5ed8a6ffb93c2b91195a5db69f86706c4ad76edfec73dad28cf80

    Score
    10/10
    trojanbankeremotet

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Emotet Payload

      Detects Emotet payload in memory.

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Matrix

Tasks