Overview

overview

10

Static

static

1

nees2vpsDkD7vWD.dll

windows7-x64

10

nees2vpsDkD7vWD.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    O1uPzXd2YscA.zip

  • Size

    811KB

  • Sample

    230322-kmkxnafg94

  • MD5

    2f56a13efc346438a275f675f9cbe794

  • SHA1

    bb50faf6091e39b9d8ba9048dae965bbdec2c4df

  • SHA256

    437f0dce73d03e764e346dee98bb44c6111766897c2fd085c8c1c5457988818e

  • SHA512

    b74793a378365f98fe4cdab8a3742fedbe3daf7c858ebb40f9a1d11fa93dbc881bf5f027e064444703d8fd068aa1b895d16629f7dfcba757ddc60ee9008df9d4

  • SSDEEP

    6144:mA/fqQLsh2uoOObj+gmM424czDPECwRAc7cDA08yuMol3l:3/fqmm2sObC7ezET7vh73l

Score
10/10
emotetepoch5bankerpersistencetrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

103.85.95.4:8080

103.224.241.74:8080

178.238.225.252:8080

37.59.103.148:8080

78.47.204.80:443

138.197.14.67:8080

128.199.242.164:8080

54.37.228.122:443

37.44.244.177:8080

139.59.80.108:8080

218.38.121.17:443

82.98.180.154:7080

114.79.130.68:443

159.65.135.222:7080

174.138.33.49:7080

195.77.239.39:8080

193.194.92.175:443

198.199.70.22:8080

85.214.67.203:8080

93.84.115.205:7080
ecs1.plain
eck1.plain

Targets

    • Target

      nees2vpsDkD7vWD.dll

    • Size

      504.5MB

    • MD5

      c72fa03014714b23c88421313d6ae9cd

    • SHA1

      a57f585828fdb9cfaeb45cc50c3b03de46f2cf41

    • SHA256

      386ecbdf8fa5f4d26237e9f5787adb03911a3f2ad6d9b40f37c5a7af5f975770

    • SHA512

      37cbe26db7c02a68418c74fbc7de800ca0c3facd659a7b69ed353dec6f3add23af346902ad573ddd52a53083f030846f785b2f3365b476d3cc35318cd8642efc

    • SSDEEP

      12288:chQZR06Fy1F5YqSDZ9ma2aCStos1F3uD2Hescq2mc:jT08y1F5YqSDZ9ma21Str3cTX

    Score
    10/10
    emotetepoch5bankertrojanpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks