Overview

overview

10

Static

static

emotet_pe2

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b3dec7c6f4be5b34e6db1d2bed257a5b804c9a766d83d93d25e4146855051116

  • Size

    340KB

  • Sample

    210124-wgp8vx9slj

  • MD5

    19da45a778345a910cd25c41a115b77e

  • SHA1

    a70fc0d7248c39be47303f5af48710c4b4d62ff3

  • SHA256

    b3dec7c6f4be5b34e6db1d2bed257a5b804c9a766d83d93d25e4146855051116

  • SHA512

    a7c7e8931c7e6f0c042e9bdbf7773de9dec33ceff915618b204a884c2babdf51a902b6125ed4fab5cc572de6b3aeb7cbf602a816a27a9e6cefb0e40c4002893a

Score
10/10
emotetepoch2bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

69.38.130.14:80

195.159.28.230:8080

162.241.204.233:8080

115.21.224.117:80

78.189.148.42:80

181.165.68.127:80

78.188.225.105:80

161.0.153.60:80

89.106.251.163:80

172.125.40.123:80

5.39.91.110:7080

110.145.11.73:80

190.251.200.206:80

144.217.7.207:7080

75.109.111.18:80

75.177.207.146:80

139.59.60.244:8080

70.183.211.3:80

95.213.236.64:8080

61.19.246.238:443
rsa_pubkey.plain

Targets

    • Target

      b3dec7c6f4be5b34e6db1d2bed257a5b804c9a766d83d93d25e4146855051116

    • Size

      340KB

    • MD5

      19da45a778345a910cd25c41a115b77e

    • SHA1

      a70fc0d7248c39be47303f5af48710c4b4d62ff3

    • SHA256

      b3dec7c6f4be5b34e6db1d2bed257a5b804c9a766d83d93d25e4146855051116

    • SHA512

      a7c7e8931c7e6f0c042e9bdbf7773de9dec33ceff915618b204a884c2babdf51a902b6125ed4fab5cc572de6b3aeb7cbf602a816a27a9e6cefb0e40c4002893a

    Score
    10/10
    emotetepoch2bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Blocklisted process makes network request

    behavioral1

MITRE ATT&CK Matrix

Tasks