General

  • Target

    Olggolg3aHWcYpAQtYdrGEo5IC3.zip

  • Size

    856KB

  • Sample

    230308-lr8d7afb88

  • MD5

    925296888593a28e151053644b56b86d

  • SHA1

    efcfaa7d86755b003ad4a4b7f0ba8c836beefae0

  • SHA256

    37c4531329fa012f60ff5ca4b66b6658498bf58b8ba282a782d9da4d8a84104f

  • SHA512

    80648cae748d1f5473da5dd31a7d2e77dc32b502ffb44887fb9631414cbe35b9ad86ce79dcc4eace27d3f071a57f1fe03f5232bc696b483e63bb106658d223a5

  • SSDEEP

    12288:S4DKwKHCjAbD7j9kd1j89Gpm19Fkf7/sn:levtlkdJe4m19FgE

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2


eck1.plain
ecs1.plain

Targets

    • Target

      1XJjowbGw9CafDWMFZbigWvOtVEfvuO.dll

    • Size

      520.7MB

    • MD5

      ca883e8ba09c47d52270499dbef81fbe

    • SHA1

      df2531dd59c8ef36b709c6b92f80188ac8c9867a

    • SHA256

      7641eb83245ae812875b97220d93227440c5e2ba2b7c46981118f4dae42789e5

    • SHA512

      303f05f3b43aca6a99036fd410407a4d69f03f2681cf230a5fbc8e48406ea61a7f7100f371c930415652dd47c9f016f4b0f3ef31b17c46524269a511ee113bba

    • SSDEEP

      24576:4E4cLCJMj2C8c3wCRSNWiy/eK5xDegO82/gkU8jG:4GLCJMjl8c3wKwKXeZ
