General

  • Target

    4591745f1beebd8c7dd75f90a8a09139528c5bac34bdc3ba18410b67d8371f9a

  • Size

    372KB

  • Sample

    241112-zsaq7sznex

  • MD5

    c9206e0eb98487e6a747a01d8976cfc0

  • SHA1

    4cba9c8dc8959da2e749ed145caa4e485a5b8fa5

  • SHA256

    4591745f1beebd8c7dd75f90a8a09139528c5bac34bdc3ba18410b67d8371f9a

  • SHA512

    5233d98b5f1a2b5c256a3329e1f85bf61d3e3bc307e91457f7d0d272d2705d5411bc05dbc80186ec98b590e599e15232eb7ddcb1746e3e1279da0ced108a18be

  • SSDEEP

    6144:hqpqdUS0u6jJ6KfkWdjCuv4ZVmeg755iLNVfhR7ks12H:hqp8US0HFXfRBDmLNVfhqsg

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain
