General

  • Target

    c85856c10beb9c35aa81b0e273e60e47b53fbd3c4745e5fea5d067333c807ee7

  • Size

    176KB

  • Sample

    241113-rgnvpawqdk

  • MD5

    388630d058cbe792df2a4d23648b369c

  • SHA1

    9e342fb30747a1818481c52be43134e59d1f1717

  • SHA256

    c85856c10beb9c35aa81b0e273e60e47b53fbd3c4745e5fea5d067333c807ee7

  • SHA512

    98c4427ee2b516d711d8d55335916267aa620014bce4887c42598b6bf0e95b9f9a6bf21fe9265f2ba47c93712459b2eaa484d86e9a5c226461993d51870b32ec

  • SSDEEP

    3072:RxFrVZ8wIRbLlPlEFpCXDC8uPF+qZqcLknKtntNf98JvpjQqDbfoF:RLr/8w2bLlNC8uPLxVtntNfWJvZQO

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks