registeriepkeys.exe

General
Target

registeriepkeys.exe

Size

385KB

Sample

210218-k3ksfgnrqj

Score
10 /10
MD5

ef8f78ba386eaf59a2d33361b3b052fc

SHA1

8508f9fe9e1887fbeae7be9e723c00b8e35125ef

SHA256

fa8475c06aa2cec56fa658fd22b3bd6647108146889fef56fbcb977429c9e9ce

SHA512

0ba6bc3e6e3718e7fd8470f86d3daa15326da00b123536a18790fb12a2011f1897af00975e9ef5b9df5af01d72ff85b4fde64f1b57f065457565e61851ffe90b

Malware Config

Extracted

Family emotet
Botnet Epoch2
C2

174.102.48.180:80

88.217.172.164:443

51.75.33.120:8080

62.138.26.28:8080

169.239.182.217:8080

114.146.222.200:80

116.203.32.252:8080

103.86.49.11:8080

74.120.55.163:80

41.60.200.34:80

209.182.216.177:443

157.245.99.39:8080

87.106.139.101:8080

152.168.248.128:443

104.236.246.93:8080

47.144.21.12:443

139.130.242.43:80

181.230.116.163:80

72.12.127.184:443

61.19.246.238:443

222.214.218.37:4143

119.198.40.179:80

47.153.182.47:80

95.179.229.244:8080

5.39.91.110:7080

181.211.11.242:80

76.27.179.47:80

167.86.90.214:8080

70.167.215.250:8080

95.213.236.64:8080

203.153.216.189:7080

81.2.235.111:8080

165.165.171.160:8080

176.111.60.55:8080

142.105.151.124:443

110.145.77.103:80

200.55.243.138:8080

183.101.175.193:80

190.160.53.126:80

104.131.44.150:8080

37.187.72.193:8080

47.146.117.214:80

2.58.16.85:7080

209.143.35.232:80

24.137.76.62:80

153.126.210.205:7080

78.24.219.147:8080

96.8.113.4:8080

91.211.88.52:7080

104.131.11.150:443

rsa_pubkey.plain
Targets
Target

registeriepkeys.exe

MD5

ef8f78ba386eaf59a2d33361b3b052fc

Filesize

385KB

Score
10/10
SHA1

8508f9fe9e1887fbeae7be9e723c00b8e35125ef

SHA256

fa8475c06aa2cec56fa658fd22b3bd6647108146889fef56fbcb977429c9e9ce

SHA512

0ba6bc3e6e3718e7fd8470f86d3daa15326da00b123536a18790fb12a2011f1897af00975e9ef5b9df5af01d72ff85b4fde64f1b57f065457565e61851ffe90b

Tags

Signatures

  • Emotet

    Description

    Emotet is a trojan that is primarily spread through spam emails.

    Tags

  • Emotet Payload

    Description

    Detects Emotet payload in memory.

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          10/10

                          behavioral2

                          10/10