General

  • Target: 18cb3c7529c01cfba2440a5b79bd7a0158a37540456c5fe8d3444c775a09d422
  • Size: 602KB
  • Sample: 241112-zrmpda1epp
  • MD5: bdd001d5f0e44d2b65272b29a02eece5
  • SHA1: 5a58a2a6b71ae07b890f1af09abe1c7b2fcc89a3
  • SHA256: 18cb3c7529c01cfba2440a5b79bd7a0158a37540456c5fe8d3444c775a09d422
  • SHA512: 01ccb14f6aecf632a56a4895160fae78eea42ac6955fb6c32f24e95f8d78ad54ba9e9c26d4b0caa1cfaddd4bf0954dc1a73beadea0902f764f3c9bfedb7ba03f
  • SSDEEP: 6144:E/+HHHHH/269EE1DDeiitHYS7TsCUvwxVzPY0w0joOC3K1JAVBAxEGn6WKTeAFH9:97HiZYSsCzzY0FjomKWVAT9JFXVkg

Malware Config

Extracted

  • Family: emotet
  • Botnet: Epoch5
  • C2

  • eck1.plain
  • ecs1.plain

MITRE ATT&CK Enterprise v15

Tasks