Overview

overview

10

Static

static

emotet_pe2

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    07f12a99ec781b00b005e7c3c5b7d203977d62f8f87d599345cfea9ce7cdcf5a

  • Size

    346KB

  • Sample

    210123-qest7dx8vx

  • MD5

    aff01e7f7abbdb4fb660aca06e645618

  • SHA1

    27d848b6b8753bd5b184bd86b7c7ec568a2ac429

  • SHA256

    07f12a99ec781b00b005e7c3c5b7d203977d62f8f87d599345cfea9ce7cdcf5a

  • SHA512

    15b233ae35729d5953c4591182f53e4e79ce65e9353c2595d6f5b9067913a81d68d052642224d6e036adbf9724c9f584a91423823c706bbccc2404532fdd5598

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

84.232.229.24:80

51.255.203.164:8080

217.160.169.110:8080

51.15.7.145:80

177.85.167.10:80

186.177.174.163:80

190.114.254.163:8080

185.183.16.47:80

149.202.72.142:7080

181.30.61.163:443

31.27.59.105:80

50.28.51.143:8080

68.183.190.199:8080

85.214.26.7:8080

137.74.106.111:7080

200.75.39.254:80

85.105.239.184:443

190.45.24.210:80

170.81.48.2:80

109.101.137.162:8080
rsa_pubkey.plain

Targets

    • Target

      07f12a99ec781b00b005e7c3c5b7d203977d62f8f87d599345cfea9ce7cdcf5a

    • Size

      346KB

    • MD5

      aff01e7f7abbdb4fb660aca06e645618

    • SHA1

      27d848b6b8753bd5b184bd86b7c7ec568a2ac429

    • SHA256

      07f12a99ec781b00b005e7c3c5b7d203977d62f8f87d599345cfea9ce7cdcf5a

    • SHA512

      15b233ae35729d5953c4591182f53e4e79ce65e9353c2595d6f5b9067913a81d68d052642224d6e036adbf9724c9f584a91423823c706bbccc2404532fdd5598

    Score
    10/10
    emotetepoch1bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Blocklisted process makes network request

    behavioral1

MITRE ATT&CK Matrix

Tasks