General

  • Target

    c9f572cb4a559801e53cd119ad62c10f6bd3c4cc5fcc502da4caf40d3b575499

  • Size

    304KB

  • Sample

    241113-raapgswpbq

  • MD5

    5914c998fc4478fd3b93ef8b5683b285

  • SHA1

    3419474b69a7402d08c58861e4ceee17af3727fb

  • SHA256

    c9f572cb4a559801e53cd119ad62c10f6bd3c4cc5fcc502da4caf40d3b575499

  • SHA512

    9ad1952346d3452521c40162c58ff01f8c58802956d5ea209247dafbfcc4bfd851e7daa12a192a3fb423f5fe5399842d37cd296ee327748b1ebc3bb2c155a2e0

  • SSDEEP

    6144:dWdXY4tsYgxlErlucg9yx6/tcKPR37mkFqJ1W3yf1pA:dWdXY4tIErQD9v/tDPVmk53ip

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

Targets

    • Target

      c9f572cb4a559801e53cd119ad62c10f6bd3c4cc5fcc502da4caf40d3b575499

MITRE ATT&CK Enterprise v15

Tasks