Overview

overview

10

Static

static

emotet_pe2

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd5ab00812a21fc2ea3d72930a64c52de58f10021b3054e9d5620a0a45f5a5ee

  • Size

    340KB

  • Sample

    210124-gw49fnmn1j

  • MD5

    3a3e2a320b4d822d155e3d9ee26df762

  • SHA1

    759d8aa6404cce46aaf43983fc2b3b41c1513855

  • SHA256

    fd5ab00812a21fc2ea3d72930a64c52de58f10021b3054e9d5620a0a45f5a5ee

  • SHA512

    00a17e2fd1af530ade7bebf1607a2c3eaf820ad09e18f5ba5bce329091593b1993aa0f65a377273f9d5748acb4acaa39cdeff59a29559913f1a35e6f1494a3e8

Score
10/10
emotetepoch2bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

69.38.130.14:80

195.159.28.230:8080

162.241.204.233:8080

115.21.224.117:80

78.189.148.42:80

181.165.68.127:80

78.188.225.105:80

161.0.153.60:80

89.106.251.163:80

172.125.40.123:80

5.39.91.110:7080

110.145.11.73:80

190.251.200.206:80

144.217.7.207:7080

75.109.111.18:80

75.177.207.146:80

139.59.60.244:8080

70.183.211.3:80

95.213.236.64:8080

61.19.246.238:443
rsa_pubkey.plain

Targets

    • Target

      fd5ab00812a21fc2ea3d72930a64c52de58f10021b3054e9d5620a0a45f5a5ee

    • Size

      340KB

    • MD5

      3a3e2a320b4d822d155e3d9ee26df762

    • SHA1

      759d8aa6404cce46aaf43983fc2b3b41c1513855

    • SHA256

      fd5ab00812a21fc2ea3d72930a64c52de58f10021b3054e9d5620a0a45f5a5ee

    • SHA512

      00a17e2fd1af530ade7bebf1607a2c3eaf820ad09e18f5ba5bce329091593b1993aa0f65a377273f9d5748acb4acaa39cdeff59a29559913f1a35e6f1494a3e8

    Score
    10/10
    emotetepoch2bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Blocklisted process makes network request

    behavioral1

MITRE ATT&CK Matrix

Tasks