General

  • Target

    26a1e4a74876962f9ea472acf07d0fe872c11cff18ff4628b5e85d2d191a7d2b

  • Size

    368KB

  • Sample

    241112-zrwx2strhl

  • MD5

    a4d046c4e1df47c5d86410b6d44bfc0f

  • SHA1

    c48b4502f9cd00e5f659c1838b35deb2282275a7

  • SHA256

    26a1e4a74876962f9ea472acf07d0fe872c11cff18ff4628b5e85d2d191a7d2b

  • SHA512

    7f7bf109377f49279dcb8fe1077513f1b4b993e8d9c50eeb01a4f45e4ccafb5ea1fea1ae0e7a0f5cfe348d6ac1b3753dd6bc2a42052afb1d509270181d1216dc

  • SSDEEP

    6144:AozjUrx4KVHa9eUfTLHygDVjfML+YSetWWAlyb57P/z6GcNdJ8lGn:AoiHV8zpYSeUHlyRnzpcNdCM

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

rsa_pubkey.plain

Targets

MITRE ATT&CK Enterprise v15

Tasks