General

  • Target

    88e4cd35466e3e5b742d828f0125bc0f2b05f99533b2357d3290623ce8e182bf

  • Size

    428KB

  • Sample

    241112-1pq5fssbrh

  • MD5

    e030b94df159dda9100ee376614826a5

  • SHA1

    ebfef8dc50ebf8b30bf745ccd8a063191ce43077

  • SHA256

    88e4cd35466e3e5b742d828f0125bc0f2b05f99533b2357d3290623ce8e182bf

  • SHA512

    2b65f8b7ed02e30ce9641ac17dd96bdd42675ad259e84b86d41a2fb9e785a23b7a5ab43e6f4023abc566293a0e40b54918b53861bb6892581fc60836f428abe5

  • SSDEEP

    12288:o61KBnflNHOvmzIeCH73/qJd60gmoP1jjv08/adpUu:o6wXCb3/qJd60gmoP1jjv08/ipUu

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks