General

  • Target: 8cca8e59b1b094d50949bc1f69bd2d270fd8be098f966c00d0d1e5c2efbced25
  • Size: 668KB
  • Sample: 241113-rbhfqatajc
  • MD5: eceebe33c8f4a0794b2399d6479f5052
  • SHA1: 8a0038a05ff16527a38b839ab93b6b3b52c81377
  • SHA256: 8cca8e59b1b094d50949bc1f69bd2d270fd8be098f966c00d0d1e5c2efbced25
  • SHA512: 36d5d963e1b7cab865ec4f9f891ac3e8097ad52b641edef6d08c3d84cf0320349deba752b4d4fb40c46ef61747cb914504575f25bdd6e54d14e37b9e4689654f
  • SSDEEP: 12288:7UXLmvzeDn+mG+rAJ+jbmYknd73u5t3Ygx+B:7Umen+4rAUmdRCHY

Malware Config

Extracted

  • Family: emotet
  • Botnet: Epoch1
  • C2:
      179.60.229.168:443
      185.94.252.13:443
      189.218.165.63:80
      77.90.136.129:8080
      217.199.160.224:7080
      104.131.41.185:8080
      2.47.112.152:80
      185.94.252.27:443
      186.250.52.226:8080
      51.255.165.160:8080
      68.183.170.114:8080
      191.99.160.58:80
      104.131.103.37:8080
      181.31.211.181:80
      202.62.39.111:80
      83.169.21.32:7080
      87.106.46.107:8080
      72.47.248.48:7080
      177.75.143.112:443
      190.17.195.202:80

rsa_pubkey.plain

Targets

    • Target: 8cca8e59b1b094d50949bc1f69bd2d270fd8be098f966c00d0d1e5c2efbced25
    • Size: 668KB
    • MD5: eceebe33c8f4a0794b2399d6479f5052
    • SHA1: 8a0038a05ff16527a38b839ab93b6b3b52c81377
    • SHA256: 8cca8e59b1b094d50949bc1f69bd2d270fd8be098f966c00d0d1e5c2efbced25
    • SHA512: 36d5d963e1b7cab865ec4f9f891ac3e8097ad52b641edef6d08c3d84cf0320349deba752b4d4fb40c46ef61747cb914504575f25bdd6e54d14e37b9e4689654f
    • SSDEEP: 12288:7UXLmvzeDn+mG+rAJ+jbmYknd73u5t3Ygx+B:7Umen+4rAUmdRCHY

MITRE ATT&CK Enterprise v15

Tasks