Overview

overview

10

Static

static

c9ef9a7b0e...6b.dll

windows7-x64

10

c9ef9a7b0e...6b.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c9ef9a7b0e0380a71a61a8121c4e781f2ca91c6592a771ed09edb8173a81936b

  • Size

    346KB

  • Sample

    221125-kfnpzahc9s

  • MD5

    f7e3a75c06d07a50b329765fce9afa69

  • SHA1

    6590473527c6fbd66ab6f1b66f7a4a3861d76b3e

  • SHA256

    c9ef9a7b0e0380a71a61a8121c4e781f2ca91c6592a771ed09edb8173a81936b

  • SHA512

    d72a16213cf90fa991133fc13a41f40e8a698509f49cf29a25bd94fc1e370692347086eb12fcc5866a551c4b88650e7583eccd1c88cabf32480d7db7bd73a863

  • SSDEEP

    3072:euvA1p08RqEQAIVEd2gG/vNlo0JFx/pANyCm0PQEKR/JnXHWucj:eu206xWgGxLxWN40PDKR/JnX2fj

Score
10/10
emotetepoch2bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

0.0.181.59:0

13.162.80.0:0

127.232.46.112:48651

128.0.2.0:0

56.98.83.136:32760

56.98.83.112:32760

8.75.57.144:482
rsa_pubkey.plain

Targets

    • Target

      c9ef9a7b0e0380a71a61a8121c4e781f2ca91c6592a771ed09edb8173a81936b

    • Size

      346KB

    • MD5

      f7e3a75c06d07a50b329765fce9afa69

    • SHA1

      6590473527c6fbd66ab6f1b66f7a4a3861d76b3e

    • SHA256

      c9ef9a7b0e0380a71a61a8121c4e781f2ca91c6592a771ed09edb8173a81936b

    • SHA512

      d72a16213cf90fa991133fc13a41f40e8a698509f49cf29a25bd94fc1e370692347086eb12fcc5866a551c4b88650e7583eccd1c88cabf32480d7db7bd73a863

    • SSDEEP

      3072:euvA1p08RqEQAIVEd2gG/vNlo0JFx/pANyCm0PQEKR/JnXHWucj:eu206xWgGxLxWN40PDKR/JnX2fj

    Score
    10/10
    emotetepoch2bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks