Overview

overview

10

Static

static

emotet_pe2

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    daf512235dfc246249216be9bca5c352a2b29512766be7520fd2ff857f4bb38f

  • Size

    346KB

  • Sample

    210123-dbrxqq788n

  • MD5

    b953ae9f15ec2708989c922d49c75d3f

  • SHA1

    8d621d646cb4dd35b648f773e9715feba4123565

  • SHA256

    daf512235dfc246249216be9bca5c352a2b29512766be7520fd2ff857f4bb38f

  • SHA512

    fd8d0b786ee5e5561680c5da40953832c33cc3058fb788847b66540442ccf7a535de6e75cf216e2ee41fa240367755060770d5c4aa8c660b396047c517e9148b

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

84.232.229.24:80

51.255.203.164:8080

217.160.169.110:8080

51.15.7.145:80

177.85.167.10:80

186.177.174.163:80

190.114.254.163:8080

185.183.16.47:80

149.202.72.142:7080

181.30.61.163:443

31.27.59.105:80

50.28.51.143:8080

68.183.190.199:8080

85.214.26.7:8080

137.74.106.111:7080

200.75.39.254:80

85.105.239.184:443

190.45.24.210:80

170.81.48.2:80

109.101.137.162:8080
rsa_pubkey.plain

Targets

    • Target

      daf512235dfc246249216be9bca5c352a2b29512766be7520fd2ff857f4bb38f

    • Size

      346KB

    • MD5

      b953ae9f15ec2708989c922d49c75d3f

    • SHA1

      8d621d646cb4dd35b648f773e9715feba4123565

    • SHA256

      daf512235dfc246249216be9bca5c352a2b29512766be7520fd2ff857f4bb38f

    • SHA512

      fd8d0b786ee5e5561680c5da40953832c33cc3058fb788847b66540442ccf7a535de6e75cf216e2ee41fa240367755060770d5c4aa8c660b396047c517e9148b

    Score
    10/10
    emotetepoch1bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Blocklisted process makes network request

    behavioral1

MITRE ATT&CK Matrix

Tasks