tfvxeurehkyz.wut

General

Target: tfvxeurehkyz.wut
Size: 404KB
Sample: 210126-13k64pez2a
Score: 10/10
MD5: 9a062ead5b2d55af0a5a4b39c5b5eadc
SHA1: fc83367be87c700a696b0329dab538b5e47d90bf
SHA256: a9c68d527223db40014d067cf4fdae5be46cca67387e9cfdff118276085f23ef
SHA512: 693ab862c7e3c5dad3ca3d44bbc4a5a4c2391ff558e02e86e4c1d7d1fa7c00b4acf1c426ca619dea2b422997caaf1f0ecba37ec0ffca19edaca297005c9ad861

Malware Config

Extracted

Family emotet
Botnet LEA
C2


rsa_pubkey.plain
Targets
Target

tfvxeurehkyz.wut

Signatures

  • Emotet

    Description

    Emotet is a trojan that is primarily spread through spam emails.

  • Blocklisted process makes network request

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

behavioral1: 10/10

behavioral2: 10/10