Overview

overview

10

Static

static

10

c742c19145...45.exe

windows7_x64

10

c742c19145...45.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c742c19145779e5e08cfca9b4f584ef32fb08f8cd3216249327a7033689a7845

  • Size

    62KB

  • Sample

    220306-s28k9sdfdr

  • MD5

    e8143ef2821741cff199eeda513225d7

  • SHA1

    8db44b3c470e34c545328ae71785b0e5c252d4df

  • SHA256

    c742c19145779e5e08cfca9b4f584ef32fb08f8cd3216249327a7033689a7845

  • SHA512

    f8c83b316f9572623fc7fc371ec578acd7dc2e3e2c5675cbafd3839747063c959d4dc3466535b55585ad48e2d8d9d1f4a9b86f77c5db722a1533aedc92b68459

Score
10/10
emotetepoch2bankersuricatatrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

173.73.87.96:80

71.222.233.135:443

60.250.78.22:443

80.86.91.91:8080

104.236.28.47:8080

162.241.92.219:8080

74.208.45.104:8080

178.20.74.212:80

85.105.205.77:8080

190.220.19.82:443

78.24.219.147:8080

47.26.155.17:80

110.44.113.2:80

113.52.123.226:7080

120.151.135.224:80

108.191.2.72:80

70.127.155.33:80

98.156.206.153:80

47.6.15.79:443

104.131.44.150:8080
rsa_pubkey.plain

Targets

    • Target

      c742c19145779e5e08cfca9b4f584ef32fb08f8cd3216249327a7033689a7845

    • Size

      62KB

    • MD5

      e8143ef2821741cff199eeda513225d7

    • SHA1

      8db44b3c470e34c545328ae71785b0e5c252d4df

    • SHA256

      c742c19145779e5e08cfca9b4f584ef32fb08f8cd3216249327a7033689a7845

    • SHA512

      f8c83b316f9572623fc7fc371ec578acd7dc2e3e2c5675cbafd3839747063c959d4dc3466535b55585ad48e2d8d9d1f4a9b86f77c5db722a1533aedc92b68459

    Score
    10/10
    emotetbankertrojansuricata

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8

      suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8

      suricata

    • suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9

      suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9

      suricata
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks