General

  • Target

    6bcbbeaa21a6c5bc598122f12bbdc244ed20dcd89cb5b47682a81cb0acd530ee

  • Size

    76KB

  • Sample

    241112-zrvpzszndy

  • MD5

    54c033fe06f178d9389bfb7f5ce47b3c

  • SHA1

    b38be3f6b1430d7e4ecbba408bbb13062a423be8

  • SHA256

    6bcbbeaa21a6c5bc598122f12bbdc244ed20dcd89cb5b47682a81cb0acd530ee

  • SHA512

    4404897e9ca1bf92b753a63e70b9ff061b3d47fe472e2efa8605c501099497414d6eaca2c47048df733849f0d8cdb7be182dbffc4c8e46803af9dcd768729295

  • SSDEEP

    768:oQVOYWi02otKMn2B/EIsQIR/CbEdkwEUG4LrkzX7K60+n8uZP/6yhYkRelzgxqY:vY/v2otNnY/L0VDWvAu8Q6yh3ReleqY

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2


rsa_pubkey.plain
