Overview

overview

10

Static

static

3

06749499.exe

windows7-x64

10

06749499.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    06749499.exe

  • Size

    156KB

  • Sample

    230613-ra56dsha4v

  • MD5

    23cf74f9cc7494a8c498843f90a18068

  • SHA1

    98695cbbaab570a947953e60dd77a20fcf213b9c

  • SHA256

    0061027205b7cb930a68e83ace39fec88812383f5e2fd176030938159e02b0b5

  • SHA512

    9a8b75ff5f0a5f6b1dfb4897499a6204c09546625c7756432d6caa8e2d09f4dfd8b1cf93b0ddc4f8a69db84eb937a8c5659550ca1b726e2a2ec47d331002308e

  • SSDEEP

    3072:fE8Hiuuq5zv1PlPQ9vj/t+VeF17JamJp2Lom9OTHk1:fXuqlPQ9vjF+w1sgmj

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

50.121.220.50:80

51.75.33.122:80

54.37.42.48:8080

91.121.54.71:8080

83.169.21.32:7080

68.69.155.181:80

67.247.242.247:80

213.197.182.158:8080

45.173.88.33:80

111.67.12.221:8080

217.13.106.14:8080

191.99.160.58:80

178.148.55.236:8080

85.109.159.61:443

110.142.219.51:80

50.28.51.143:8080

77.90.136.129:8080

209.236.123.42:8080

72.135.200.124:80

184.66.18.83:80
rsa_pubkey.plain

Targets

    • Target

      06749499.exe

    • Size

      156KB

    • MD5

      23cf74f9cc7494a8c498843f90a18068

    • SHA1

      98695cbbaab570a947953e60dd77a20fcf213b9c

    • SHA256

      0061027205b7cb930a68e83ace39fec88812383f5e2fd176030938159e02b0b5

    • SHA512

      9a8b75ff5f0a5f6b1dfb4897499a6204c09546625c7756432d6caa8e2d09f4dfd8b1cf93b0ddc4f8a69db84eb937a8c5659550ca1b726e2a2ec47d331002308e

    • SSDEEP

      3072:fE8Hiuuq5zv1PlPQ9vj/t+VeF17JamJp2Lom9OTHk1:fXuqlPQ9vjF+w1sgmj

    Score
    10/10
    emotetepoch1bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks