General

  • Target

    fa55adec1d2b560981bb6ed20845493f6e4abb1c265d33899f67fa9c4fdcdbc5

  • Size

    980KB

  • Sample

    241112-zsrdys1erl

  • MD5

    b227d08085cfbfdcd48d757b7883b327

  • SHA1

    09a34e9363b212c18d709fdd85a266b04fa21218

  • SHA256

    fa55adec1d2b560981bb6ed20845493f6e4abb1c265d33899f67fa9c4fdcdbc5

  • SHA512

    ad970c4316632c411c66f078b248221569b225b7e6c9f982279cf23459591dbc8d8c4b326c2c50914a06c38f22384fbe1f6670a5ca8b7e83550998b62e59cc69

  • SSDEEP

    12288:PWgHwLMoeYPdiZPIcMd+7FpSlbDoccG4QWmS:HZPIrdwsbEPQ

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain

Targets

MITRE ATT&CK Enterprise v15

Tasks