General

  • Target

    5b24df25af98140a5e557919eb3174db0c907d33541e2e9dd88f7499379abfd5

  • Size

    617KB

  • Sample

    241113-rat35awpcq

  • MD5

    b1ba8455a7c0b97e119286fdb7be7416

  • SHA1

    5bebce11f431cf2a7516e4f1a81fe8a5c3b967bc

  • SHA256

    5b24df25af98140a5e557919eb3174db0c907d33541e2e9dd88f7499379abfd5

  • SHA512

    1968b8d4a0b2ca1c611e47815a8e59d74333ce48297238ab6a1683b6bd3b30b98721abc46130647b04d570d523661c18c700593c162931eb0903994fb6ecbda2

  • SSDEEP

    12288:DXTEnejfEqrrSTw1ww2Yo0MCx1HXqxklNG6cypUjVBRAwvEP+8/H:jIgfT2sO6t3HXqeGtjbG

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain

Targets

MITRE ATT&CK Enterprise v15

Tasks