General

  • Target

    c370e920f8acc1a0b77ade2cf8925ed1187a437e742998eb2d67ce7cfd1aa853

  • Size

    668KB

  • Sample

    241111-vtflmascql

  • MD5

    6caa8cd9c24aa61412bc144c4e0f18f1

  • SHA1

    c10022c956a3c69572cdb8e22bd5f067605e4a98

  • SHA256

    c370e920f8acc1a0b77ade2cf8925ed1187a437e742998eb2d67ce7cfd1aa853

  • SHA512

    849348b7c1326870677065b44c2dc72b57f2c4700c33181b3687c75e77f3fd0e8db74fd4377c6a0e6930b61e430cd46419f01609816eab6d8acf3adeae1375bd

  • SSDEEP

    12288:bUXLmvzeDn+mG+rAJ+jbmYknd73u5t3Ygx+/:bUmen+4rAUmdRCH+

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks