Malware sandboxing report by Hatching Triage

Resubmissions

27-01-2021 13:48

210127-r2lv7jddhs 10

27-01-2021 01:17

210127-7n6zga3sne 10

Sharing

Copy URL

Twitter E-mail

General

Target

2760000.netprovfw.bin
Size

342KB
Sample

210127-r2lv7jddhs
MD5

90478bb3273d74a7a4bae530dee87174
SHA1

8fa8f069d4391a21346de65a5ee729ad6ef56a60
SHA256

f865736f27acaaca93c530f82295fdddf9b97fc54f37732815e89ad660eb69e4
SHA512

4df47075f24abd5882f27e22d39c6a73b1586ddd1757539387a885e3f112e1e00b4b97b4f68d91ef5662c7a3973ab350fe5e1e68d36943948ffa255315f51961

Score

10^/10

emotet lea

Malware Config

Extracted

Family

emotet

Botnet

LEA

80.158.59.174:8080

80.158.43.136:80

80.158.3.161:443

80.158.51.209:8080

80.158.35.51:80

80.158.63.78:443

80.158.53.167:80

80.158.62.194:443

rsa_pubkey.plain

Targets

- Target
  
  2760000.netprovfw.bin
- Size
  
  342KB
- MD5
  
  90478bb3273d74a7a4bae530dee87174
- SHA1
  
  8fa8f069d4391a21346de65a5ee729ad6ef56a60
- SHA256
  
  f865736f27acaaca93c530f82295fdddf9b97fc54f37732815e89ad660eb69e4
- SHA512
  
  4df47075f24abd5882f27e22d39c6a73b1586ddd1757539387a885e3f112e1e00b4b97b4f68d91ef5662c7a3973ab350fe5e1e68d36943948ffa255315f51961
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks