Overview

overview

10

Static

static

2020-07-21...in.exe

windows7_x64

10

2020-07-21...in.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2020-07-21-Emotet-EXE-updated-after-initial-infection.bin

  • Size

    417KB

  • Sample

    210307-xxgnn2bhre

  • MD5

    5895c71c30a0781df1c49d5c35bd3fbb

  • SHA1

    eee820baffadb9f006e271386861b97af6b6fb9c

  • SHA256

    a7f46b14baa4d0df476385bdb7316c774842d39faf6efc1f2b0f09ad3c5060de

  • SHA512

    583b025c53c55cf06df43d7ea630736329c5ddef40c6379dbe0b25dfc124c6a6d50fff94a2a19eba83e74649c4a30fdf445405a0096b099cd49605f1778c4498

Score
10/10
emotetepoch2bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

124.45.106.173:443

212.51.142.238:8080

176.111.60.55:8080

201.173.217.124:443

108.48.41.69:80

200.41.121.90:80

222.214.218.37:4143

173.91.22.41:80

78.189.165.52:8080

190.108.228.62:443

209.141.54.221:8080

87.106.139.101:8080

74.208.45.104:8080

186.208.123.210:443

109.117.53.230:443

103.86.49.11:8080

139.59.60.244:8080

153.126.210.205:7080

109.74.5.95:8080

91.211.88.52:7080
rsa_pubkey.plain

Targets

    • Target

      2020-07-21-Emotet-EXE-updated-after-initial-infection.bin

    • Size

      417KB

    • MD5

      5895c71c30a0781df1c49d5c35bd3fbb

    • SHA1

      eee820baffadb9f006e271386861b97af6b6fb9c

    • SHA256

      a7f46b14baa4d0df476385bdb7316c774842d39faf6efc1f2b0f09ad3c5060de

    • SHA512

      583b025c53c55cf06df43d7ea630736329c5ddef40c6379dbe0b25dfc124c6a6d50fff94a2a19eba83e74649c4a30fdf445405a0096b099cd49605f1778c4498

    Score
    10/10
    emotetepoch2bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Emotet Payload

      Detects Emotet payload in memory.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks