Overview

overview

10

Static

static

10

2e04e27397...c9.exe

windows7_x64

1

2e04e27397...c9.exe

windows10-2004_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e04e273970fb911297d2581bc7e3f65900093f9a02e2788ecbd65155f441cc9

  • Size

    245KB

  • Sample

    220222-jgh1faebf4

  • MD5

    899048d24541fcbc9786d8fa29791be5

  • SHA1

    f61e76d70bf35fdeedc2e1c65a65434351d80726

  • SHA256

    2e04e273970fb911297d2581bc7e3f65900093f9a02e2788ecbd65155f441cc9

  • SHA512

    51cd723afdd3b21ea8bceda68e8e8ff031f56c9fe54aca899228a623659d773e0feb0c374dd3152768f9b0b7dbd6d457b7ba73aca9cfb7111b8acf8ba84e4557

Score
10/10
emotetepoch2

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

80.227.52.78:80

51.89.199.141:8080

173.212.214.235:7080

167.114.153.111:8080

61.19.246.238:443

37.179.204.33:80

190.164.104.62:80

95.9.5.93:80

138.68.87.218:443

176.111.60.55:8080

194.190.67.75:80

66.76.12.94:8080

190.29.166.0:80

139.59.60.244:8080

184.180.181.202:80

49.50.209.131:80

24.133.106.23:80

121.7.31.214:80

185.94.252.104:443

50.91.114.38:80
rsa_pubkey.plain

Targets

    • Target

      2e04e273970fb911297d2581bc7e3f65900093f9a02e2788ecbd65155f441cc9

    • Size

      245KB

    • MD5

      899048d24541fcbc9786d8fa29791be5

    • SHA1

      f61e76d70bf35fdeedc2e1c65a65434351d80726

    • SHA256

      2e04e273970fb911297d2581bc7e3f65900093f9a02e2788ecbd65155f441cc9

    • SHA512

      51cd723afdd3b21ea8bceda68e8e8ff031f56c9fe54aca899228a623659d773e0feb0c374dd3152768f9b0b7dbd6d457b7ba73aca9cfb7111b8acf8ba84e4557

    Score
    4/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks