General

  • Target: 55e97a8c4774d0bd076c6349daffb2312d4b35f90be9ac45a3b80d3e152efbcc
  • Size: 79KB
  • Sample: 220725-g8nznaafgp
  • MD5: 8a441e15384c93dfba22080eec6d76d4
  • SHA1: 03321e2074ef9fff6a5b9963c8a09dee6299eef3
  • SHA256: 55e97a8c4774d0bd076c6349daffb2312d4b35f90be9ac45a3b80d3e152efbcc
  • SHA512: 2a73cb8f883e2281d65da3efe588ce75befdae6271a3adf1b1cc994462cc52e95e65c9821f54ea5aaab4987f8d3bb7e9b8524fcf7bc8cf647b913e42d73ad470

Malware Config

Extracted

  • Family: emotet
  • Botnet: Epoch2
  • C2:
    190.106.97.230:443
    24.51.106.145:21
    186.4.172.5:443
    77.237.248.136:8080
    185.142.236.163:443
    63.142.253.122:8080
    178.254.6.27:7080
    92.222.125.16:7080
    182.176.106.43:995
    31.12.67.62:7080
    37.157.194.134:443
    85.106.1.166:50000
    201.251.43.69:8080
    136.243.177.26:8080
    104.131.11.150:8080
    190.201.164.223:53
    103.97.95.218:143
    190.53.135.159:21
    138.201.140.110:8080
    80.11.163.139:21
  • rsa_pubkey.plain

Targets

    • Target: 55e97a8c4774d0bd076c6349daffb2312d4b35f90be9ac45a3b80d3e152efbcc (size 79KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
    • Emotet: Emotet is a trojan that is primarily spread through spam emails.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks