General

  • Target

    b4aabe14ef9b504157f971afaec037915f40246bce10a88ebfc0d25cc0aa49f0.zip

  • Size

    426KB

  • Sample

    230208-lxvehsaa74

  • MD5

    22e277a3a268dae37fc2375816bf1f78

  • SHA1

    f5e1cffc1b3bb5e8dbcea38f53bc5f9c6e824a3b

  • SHA256

    18c392935f32bd1551a3a38da930f6df3b2934134cb3a83c93f05aa1869489af

  • SHA512

    c21f9a51ee4496d357f2f1d9241cd92ccc26232d89104d12a1754c7d16c236f95a4b48b94c243a05eb04fe0d4bf42cda9b4f696b95dde679427383b3523b866b

  • SSDEEP

    12288:A/Lp2xyxhMPMBHhQchkvHMIOHPyKwj3+L:gJxhMYpIGRwC

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

eck1.plain
ecs1.plain

Targets

    • Target

      b4aabe14ef9b504157f971afaec037915f40246bce10a88ebfc0d25cc0aa49f0.dll

    • Size

      763KB

    • MD5

      c85b3e92fca9421190d1290d4c4c365d

    • SHA1

      3c7bfaf94cb0347155daa66a4190c1b0a4026f29

    • SHA256

      b4aabe14ef9b504157f971afaec037915f40246bce10a88ebfc0d25cc0aa49f0

    • SHA512

      adb523c820c953a9bb359f020e3c1d003abc7b71ef6b9f27481d0a15efb797d4a86e4383fb784e0cf59a0a64383482d7b917b2f1d306d41ea0ec722a7e8eff92

    • SSDEEP

      12288:0dxTcumr82wywP4LHIVBIAeQwfUgFm9V5BnE+skDSBiOgl16gtdXkX:8TrmrRwP4kVfw8gYtE+skD+iUgTXkX

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

MITRE ATT&CK Matrix

Tasks