General

  • Target

    6f1e156162b1b1c12c5406f90a132783917b84d392a6c5778577beec9e1d6f0a

  • Size

    880KB

  • Sample

    241112-1pc8la1lfx

  • MD5

    a70d1b0e6ccbd1b4d0d9514eba2f196a

  • SHA1

    32538a3c9c8fc944f0105c78c88a2e49905d6d85

  • SHA256

    6f1e156162b1b1c12c5406f90a132783917b84d392a6c5778577beec9e1d6f0a

  • SHA512

    108a2e849f1b0c8241e8152997d918bf0476899ba34d070487f4502fd7a48db9935c83884f1ecb39db150e514acced8d4736e104839bf04de372ac387abf7432

  • SSDEEP

    12288:9gObnVOPqdLK9tHsLKUC20L/UOm8q0T6GS9o+aRna:KFTtL/e8qO6Gfna

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks