Overview

overview

10

Static

static

3

1f5509daf8...18.exe

windows7-x64

10

1f5509daf8...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f5509daf8dc61d183dda0aca41259d7_JaffaCakes118

  • Size

    318KB

  • Sample

    240507-d9jvjsge4t

  • MD5

    1f5509daf8dc61d183dda0aca41259d7

  • SHA1

    dbf45750e7d0f706fdfedabfe67732b7052ead51

  • SHA256

    65436b3fd164492492c61dafbc428c6181090fca2d2eefcff5430751db9a9703

  • SHA512

    b6938425709f39d5278fb27f46519fce5c7875c230f28422962efbbdce7158d128e13fed505281f615343561dfbbceac89f0165d7f7dd44a4d1588f4a97f38ff

  • SSDEEP

    6144:IUr9yixK0dkI6ukU1EqlhVLLiLLwLL5ZbgiUPJtW:frxRdbDHTC3PJI

Score
10/10
emotetepoch2bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

140.186.212.146:80

85.214.28.226:8080

142.44.137.67:443

162.241.242.173:8080

95.213.236.64:8080

176.111.60.55:8080

85.152.162.105:80

67.205.85.243:8080

173.81.218.65:80

5.196.74.210:8080

190.160.53.126:80

24.43.99.75:80

169.239.182.217:8080

47.144.21.12:443

89.205.113.80:80

112.185.64.233:80

216.208.76.186:80

121.124.124.40:7080

37.187.72.193:8080

87.106.136.232:8080
rsa_pubkey.plain

Targets

    • Target

      1f5509daf8dc61d183dda0aca41259d7_JaffaCakes118

    • Size

      318KB

    • MD5

      1f5509daf8dc61d183dda0aca41259d7

    • SHA1

      dbf45750e7d0f706fdfedabfe67732b7052ead51

    • SHA256

      65436b3fd164492492c61dafbc428c6181090fca2d2eefcff5430751db9a9703

    • SHA512

      b6938425709f39d5278fb27f46519fce5c7875c230f28422962efbbdce7158d128e13fed505281f615343561dfbbceac89f0165d7f7dd44a4d1588f4a97f38ff

    • SSDEEP

      6144:IUr9yixK0dkI6ukU1EqlhVLLiLLwLL5ZbgiUPJtW:frxRdbDHTC3PJI

    Score
    10/10
    emotetepoch2bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks