Overview

overview

10

Static

static

6603133cb6...02.exe

windows7_x64

10

6603133cb6...02.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6603133cb64817c8b6c014755e8303186506875d5ce8e2a1b2a3c93d43aed402

  • Size

    704KB

  • Sample

    220521-w4rbjsahe7

  • MD5

    44520d612bb1649fe235e8793d427da0

  • SHA1

    6793ec4fa12de94e1f7791f9a08555e7eae505ef

  • SHA256

    6603133cb64817c8b6c014755e8303186506875d5ce8e2a1b2a3c93d43aed402

  • SHA512

    68017e541681df2cd7849585163f7b6d2df3e2775e2e7c28b39f06a961290c82ebfc7858d815475fff9be2559980681b1c4ee0eb50ad0ea7e4c8a8e0f5680edb

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

71.197.211.156:80

91.121.54.71:8080

209.236.123.42:8080

89.32.150.160:8080

68.183.190.199:8080

45.161.242.102:80

217.199.160.224:7080

73.116.193.136:80

190.163.31.26:80

68.183.170.114:8080

207.144.103.227:80

114.109.179.60:80

178.148.55.236:8080

188.135.15.49:80

72.47.248.48:7080

83.169.21.32:7080

24.135.198.218:80

212.174.55.22:443

174.100.27.229:80

192.241.143.52:8080
rsa_pubkey.plain

Targets

    • Target

      6603133cb64817c8b6c014755e8303186506875d5ce8e2a1b2a3c93d43aed402

    • Size

      704KB

    • MD5

      44520d612bb1649fe235e8793d427da0

    • SHA1

      6793ec4fa12de94e1f7791f9a08555e7eae505ef

    • SHA256

      6603133cb64817c8b6c014755e8303186506875d5ce8e2a1b2a3c93d43aed402

    • SHA512

      68017e541681df2cd7849585163f7b6d2df3e2775e2e7c28b39f06a961290c82ebfc7858d815475fff9be2559980681b1c4ee0eb50ad0ea7e4c8a8e0f5680edb

    Score
    10/10
    emotetepoch1bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks