General

  • Target

    4dd0352fb23a910cfeb2fbf881ff36b154c27209b6927b95ff842f7eec98c0c3

  • Size

    688KB

  • Sample

    241112-1nsxnascjr

  • MD5

    ce6bc84b0461f8cd812defa764aa9a87

  • SHA1

    0ee1b151e735303001f5b080bd1cbdd0981593d3

  • SHA256

    4dd0352fb23a910cfeb2fbf881ff36b154c27209b6927b95ff842f7eec98c0c3

  • SHA512

    6b331cfd6a45f622662475aca5583d595ae8e2e741a7ea4af24d9eb8d848d76cb62c192e77b69cdce944f09a6ae7d4cd9a977f39942790d890fe6c0c555530e1

  • SSDEEP

    12288:yXz2U60rdzO9aD+viCT+RMGetwifr4whf3t70c/y:eOFviClGet8SAc/y

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks