Overview

overview

10

Static

static

da4d8b5405...aa.exe

windows7_x64

10

da4d8b5405...aa.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    da4d8b5405aa240d7bbfcf8b99e3aaaa

  • Size

    360KB

  • Sample

    201117-f2jd3mpq6s

  • MD5

    97749339aebe3812e77d2debfb4f8d7d

  • SHA1

    009a70af862aed6196cf71e7920f6a45ec7583b6

  • SHA256

    5d807ef8147deda9b6c486e4656f0d9a43e0829e57dcc317dabb864e4406e810

  • SHA512

    7fa5e3840d096826a0c4355ef651d9d6f45d0d155c290a55db44ff1445500656900538246601cbb94d6756dc481d331484462aa8b05e1cdbf171fed42f305a11

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

190.202.229.74:80

118.69.11.81:7080

70.39.251.94:8080

87.230.25.43:8080

94.23.62.116:8080

37.187.161.206:8080

45.46.37.97:80

138.97.60.141:7080

177.144.130.105:8080

169.1.39.242:80

209.236.123.42:8080

202.134.4.210:7080

193.251.77.110:80

2.45.176.233:80

217.13.106.14:8080

189.223.16.99:80

190.101.156.139:80

77.238.212.227:80

181.58.181.9:80

37.183.81.217:80
rsa_pubkey.plain

Targets

    • Target

      da4d8b5405aa240d7bbfcf8b99e3aaaa

    • Size

      360KB

    • MD5

      97749339aebe3812e77d2debfb4f8d7d

    • SHA1

      009a70af862aed6196cf71e7920f6a45ec7583b6

    • SHA256

      5d807ef8147deda9b6c486e4656f0d9a43e0829e57dcc317dabb864e4406e810

    • SHA512

      7fa5e3840d096826a0c4355ef651d9d6f45d0d155c290a55db44ff1445500656900538246601cbb94d6756dc481d331484462aa8b05e1cdbf171fed42f305a11

    Score
    10/10
    emotetepoch1bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Emotet Payload

      Detects Emotet payload in memory.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks