Overview

overview

10

Static

static

emotet_pe2

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a51d4345a69fd24c51c4364504c999cfa79a34099504cd20b2320677769f64a4

  • Size

    346KB

  • Sample

    210123-tp2myraj7a

  • MD5

    77ed23f143f2cf8c3299f086cce50449

  • SHA1

    6a986fefb1601a8dbda09e8d5b6f9519fa5543a7

  • SHA256

    a51d4345a69fd24c51c4364504c999cfa79a34099504cd20b2320677769f64a4

  • SHA512

    9768518d04c8fcaf4997915b888fa410fbd4998e504ffbb012859e570e2f00bee704e171bcbe5e7acf69544647bd8b941451c46079b6e80f829c4ff186638667

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

84.232.229.24:80

51.255.203.164:8080

217.160.169.110:8080

51.15.7.145:80

177.85.167.10:80

186.177.174.163:80

190.114.254.163:8080

185.183.16.47:80

149.202.72.142:7080

181.30.61.163:443

31.27.59.105:80

50.28.51.143:8080

68.183.190.199:8080

85.214.26.7:8080

137.74.106.111:7080

200.75.39.254:80

85.105.239.184:443

190.45.24.210:80

170.81.48.2:80

109.101.137.162:8080
rsa_pubkey.plain

Targets

    • Target

      a51d4345a69fd24c51c4364504c999cfa79a34099504cd20b2320677769f64a4

    • Size

      346KB

    • MD5

      77ed23f143f2cf8c3299f086cce50449

    • SHA1

      6a986fefb1601a8dbda09e8d5b6f9519fa5543a7

    • SHA256

      a51d4345a69fd24c51c4364504c999cfa79a34099504cd20b2320677769f64a4

    • SHA512

      9768518d04c8fcaf4997915b888fa410fbd4998e504ffbb012859e570e2f00bee704e171bcbe5e7acf69544647bd8b941451c46079b6e80f829c4ff186638667

    Score
    10/10
    emotetepoch1bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Blocklisted process makes network request

    behavioral1

MITRE ATT&CK Matrix

Tasks