General

  • Target

    947cee2b177f7fcbca5b85df070bd90e64aa35ce34f771c581db5c6fa12381d2

  • Size

    665KB

  • Sample

    241112-zfzjss1bpd

  • MD5

    497f00fb78673f989853dc2bdbf5291b

  • SHA1

    7d42003ca9e92ae0d51408340b354f0bc9a7f1cd

  • SHA256

    947cee2b177f7fcbca5b85df070bd90e64aa35ce34f771c581db5c6fa12381d2

  • SHA512

    59245b1fb74f0da398961252cccaad9769e0fd16ab11c4e835c9c54d57de69fb06839c01e90ee6ff154da67ac9e34109d4b4e64b73ab57ce29df8aa99d11ff88

  • SSDEEP

    12288:I9q4kCNflwFiqeZwh/ZL2BLnH9l0ACR9u/lXkLsvKPKS8S18i0m:KfukqeZwzSBLnHsAg9upkLnPKS8S1h

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain

Targets

MITRE ATT&CK Enterprise v15

Tasks