General

  • Target

    3d1df63e9ab02bced882fb42a503ad0f4ad7ca17e667e4dd4098e1b8e3a41b4b

  • Size

    336KB

  • Sample

    241113-rke2ystdmr

  • MD5

    b50a2b18d66eefac25996efe89ad2dc9

  • SHA1

    e64a976e11c1469260ccb5ee7567352594e71901

  • SHA256

    3d1df63e9ab02bced882fb42a503ad0f4ad7ca17e667e4dd4098e1b8e3a41b4b

  • SHA512

    77b0df0c04a6a95f06190de38fb6c63e705800a572b679365c923d7ed544526b98a18738d01b0ba6d0e638ed9989f167849cfd22ad234716c34bca78eb1098dc

  • SSDEEP

    6144:er7hkhxeL5b+ZTTTBx+Dqn9iin9dgn9BvortTo5+NTb:enTL8TTTBx+Dqn9iin9dgn9BvonNTb

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks