General

  • Target

    caf7808fadc19caa5fe4af9ff81a8ec48a36404b3e38c82e68e72eeb1574d67b

  • Size

    668KB

  • Sample

    241112-ze9nda1cmp

  • MD5

    486c185befcd1a01da37a9def2192636

  • SHA1

    3553daeb3174718390cb3bacd34797b488886ce2

  • SHA256

    caf7808fadc19caa5fe4af9ff81a8ec48a36404b3e38c82e68e72eeb1574d67b

  • SHA512

    5ed8a48986918f8342202ef61f9436bcc3cd778bdc71193de48f9fa9ed5eea1c90805a1c56c068c81e1905d2f93d5b648da858ddc639af95a4764e104db2b144

  • SSDEEP

    12288:TUXLmvzeDn+mG+rAJ+jbmYknd73bUdWWqgbM:TUmen+4rAUmdR4f4

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks