General

  • Target

    9452e31a8f3d955092572fa02a3ad7dec2dd8e52370fcbde35cc253a70003fd1

  • Size

    736KB

  • Sample

    241112-zlk9cs1dnr

  • MD5

    bffb30bb0de06a8fcea8fab679e33534

  • SHA1

    cc460d76d6e1bcd869476088e82391e9d502e38a

  • SHA256

    9452e31a8f3d955092572fa02a3ad7dec2dd8e52370fcbde35cc253a70003fd1

  • SHA512

    e7ca5a9ee83881877cdc61c5a5b0aa57fefdd7b3e2274583762ad14de0d90547cae559f51238ee0e81974024f76da68b8c00c692c90ad13cb94b8623cf8b1138

  • SSDEEP

    12288:axpXle/CdHI25T6HmRIteIPtdjGemV0dkEu5RVYWfrLReTmxvS6yESRsoo7KUqj:MIaEmWteI1XmV06VRhfrL/a6yESRso/r

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2


rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks