Overview

overview

10

Static

static

8

3 1403.xlsm

windows7_x64

10

3 1403.xlsm

windows10-2004_x64

10

Resubmissions

15/03/2022, 13:11

220315-qe56hsbec2 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3 1403.zip

  • Size

    43KB

  • Sample

    220315-qe56hsbec2

  • MD5

    a5da4097171986e5a71d9b4aca5625f9

  • SHA1

    64027f074354a3654d73f153664e36754a2afb6c

  • SHA256

    089509dec049cb29e3f80ca3ae0fe1bb1221b7daa58024a1af34fbfd1bbcaa01

  • SHA512

    ec6b566eca204676a9a4f7941c422490a374ba4367be61485dd366a31a6ade8a67d069a10a0dcd6fc38c02151054cf267209abf23a9f452c9c618dcf323d90f1

Score
10/10
emotetepoch4bankermacrotrojanxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://www.arkpp.com/ARIS-BSU/9K1/

Extracted

Family

emotet

Botnet

Epoch4

C2

217.182.143.248:8080

185.4.135.27:8080

192.99.251.50:443

146.59.226.45:443

162.214.118.104:8080

195.154.133.20:443

103.75.201.2:443

5.9.116.246:8080

177.87.70.10:8080

31.24.158.56:8080

103.75.201.4:443

158.69.222.101:443

185.157.82.211:8080

185.8.212.130:7080

186.250.48.117:7080

110.232.117.186:8080

46.55.222.11:443

196.218.30.83:443

51.91.7.5:8080

176.56.128.118:443
eck1.plain
ecs1.plain

Targets

    • Target

      3 1403.xlsm

    • Size

      48KB

    • MD5

      1655267f2eef17c7bea81ee6cf65fbf9

    • SHA1

      dd062a715bd8eee2b8b4d30e6786e5b108b63c1a

    • SHA256

      8e586a928eecac9fa5b4dd6980915389f0092c6ec968ffe90dc4ccf3504ae578

    • SHA512

      3b0f05743a81756ef75e8da15e393f40365c71d7e986141bfb467acd8a232581cc5bd01953ed61b6129652ebd9517b1282f01fbbe2e808aa70dc3c906bbb726d

    Score
    10/10
    emotetepoch4bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks