General

  • Target

    15f9447c9764932c28a4d212f033730581a362d29bf3afc41e20b75839394c3c

  • Size

    464KB

  • Sample

    241112-1btnes1jcs

  • MD5

    1b5f238c5d262970f8f7ece6f0a1057d

  • SHA1

    3b3f7053ca388d18148b27d7b2c4650fed97f9e0

  • SHA256

    15f9447c9764932c28a4d212f033730581a362d29bf3afc41e20b75839394c3c

  • SHA512

    8b894458a6592ff42e305be0afb149f04efc435891c426bc254da3ccf3c01593e90592db93aeacf56532e82a9ddf0b4107a16036fd60452eead7e33c32460ce4

  • SSDEEP

    12288:1vLYew4pGNw6qs7hYufnDtbKSjU0nEEPOmT/:ZEskNl77h/DtbtjnXT

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2


rsa_pubkey.plain


MITRE ATT&CK Enterprise v15

Tasks