Overview

overview

10

Static

static

3

TssmVA0pdll.dll

windows7-x64

10

TssmVA0pdll.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TssmVA0pdll.dll

  • Size

    1004KB

  • Sample

    230701-jfk4eaha9s

  • MD5

    aeccc4fd7b3f3414bc920f96243a2b4b

  • SHA1

    3ec6a26540afa2ae5ebf55ccabf58a55b1dde88d

  • SHA256

    cd1d25d156a6f0e4557421edba5212f6daaf0bc4d3c527fc1bace153aa240c14

  • SHA512

    dc4b1cd8615ba363f517a33d6e7ab1141de69356a7a3ef9d613ef033c9651bb709ca5c3d368a8a414491933dca5b39333a230c1b3e178b46dcf5410299a195ef

  • SSDEEP

    12288:+LDlVD0Fj+g1dEJgcIzQHBKeWZlQN5tFjNRLU:Ci6fgcIcHB8ZebLU

Score
10/10
emotetepoch5bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2

168.119.39.118:443

185.168.130.138:443

168.197.250.14:80

195.77.239.39:8080

68.183.93.250:443

185.184.25.78:8080

118.98.72.86:443

78.47.204.80:443

159.69.237.188:443

61.7.231.226:443

103.41.204.169:8080

207.148.81.119:8080

85.214.67.203:8080

190.90.233.66:443

191.252.103.16:80

93.104.209.107:8080

194.9.172.107:8080

66.42.57.149:443

59.148.253.194:443

62.171.178.147:8080
eck1.plain
ecs1.plain

Targets

    • Target

      TssmVA0pdll.dll

    • Size

      1004KB

    • MD5

      aeccc4fd7b3f3414bc920f96243a2b4b

    • SHA1

      3ec6a26540afa2ae5ebf55ccabf58a55b1dde88d

    • SHA256

      cd1d25d156a6f0e4557421edba5212f6daaf0bc4d3c527fc1bace153aa240c14

    • SHA512

      dc4b1cd8615ba363f517a33d6e7ab1141de69356a7a3ef9d613ef033c9651bb709ca5c3d368a8a414491933dca5b39333a230c1b3e178b46dcf5410299a195ef

    • SSDEEP

      12288:+LDlVD0Fj+g1dEJgcIzQHBKeWZlQN5tFjNRLU:Ci6fgcIcHB8ZebLU

    Score
    10/10
    emotetepoch5bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks