General

  • Target

    4634b029aefc053caa2db2b4826a1f08185172e0075ac9091e158adfc2130d3c

  • Size

    248KB

  • Sample

    241113-rgh97staqf

  • MD5

    c7479a617059f2be8a39693d9043102e

  • SHA1

    3d7df1af40ff7fff6a0955d9399d12a8936a224a

  • SHA256

    4634b029aefc053caa2db2b4826a1f08185172e0075ac9091e158adfc2130d3c

  • SHA512

    b535d8b1ef175132057e211955fb3a55bec8cedcd3028f3a0fd651b2b79de45a45560aede10c35dc10690350ab76d7ee86b9d47962425e8ad5e49afe74d2c0c8

  • SSDEEP

    3072:B4pkArp0yocpcIDt+9bADzccj51VvsOQT/taQr7d9lcPpOiGGaaDVU1RIMvP51D:B4pdrp0UPDtxUkVGVaQmpOZOq1RZvP

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

Targets

MITRE ATT&CK Enterprise v15

Tasks