General

  • Target

    b3fd2051fc1b96c495d355db0d334436e1c6d4438cd0beab23a5b1cbca869fd2.zip

  • Size

    341KB

  • Sample

    230308-mfwrpafd69

  • MD5

    a47bc4bdfcceb83dc5ae69c316f267b0

  • SHA1

    cd923b98d03ed0125b01f5451ab5c44c5e2e8e9e

  • SHA256

    573d0c80a888dab82f236d454de45a1519858200edb96af8894869c6d9ec7dc8

  • SHA512

    05dab9b9b66de2fa9096e8d11e31c0c4f29352186a9e45d57b016145277c5636a4835021e76c6517eecfcd0b8e04bcd01591b496493b9761c4cfc0048803970c

  • SSDEEP

    6144:sp5IV0n8rQhaFPHsyKFKxsbZJNiZG23hQ7xYBR5KvmNbxr4LhuuX:o8scWFKxqYGSQ7xYBR5QgiLMK

Malware Config

Extracted

Family

emotet

Botnet

Epoch4

C2

eck1.plain
ecs1.plain

Targets

    • Target

      VdaN1GI2TTwnq1xfcuZGiVPNHHbdxkEOc.dll

    • Size

      530.7MB

    • MD5

      312594d8c22456b03982d9744cf55cb0

    • SHA1

      57e6ba85118338d5f695405bb64c4ecaf5f2dae2

    • SHA256

      efcf59f4423df8fdacbfa8c3d23b6a3e4722bab65c31ea8a7f32daadddfa7adc

    • SHA512

      92bd3244cc00ef6933e4adbc24f3cdde4660f943d725c69f0b4090b623c9071f5d16cdf69d14c7d44507fd8a9420db567ae819bfbee388c09c9c76158cef2834

    • SSDEEP

      24576:4E4cLCJMj2C8c3wCRSNWiy/eK5xDegO82/gkU8jG:4GLCJMjl8c3wKwKXeZ

MITRE ATT&CK Enterprise v6

Tasks