General

  • Target

    896ec67a9504eaa478393918ee33ab518276b3193b08d734526fa330d81d1d7b

  • Size

    280KB

  • Sample

    241113-rqjmbswrfk

  • MD5

    58619890b9bfdee0bde0d105583c1fe6

  • SHA1

    d9562785c4619a6c094a250c14f9ee4ef02b9097

  • SHA256

    896ec67a9504eaa478393918ee33ab518276b3193b08d734526fa330d81d1d7b

  • SHA512

    bd7db5a2a1791799377a8e0bf1f66f99da96daa63f067f4e8c01e5ab81f58f98282520c857ac02247c60b76aec0be620773f00b3bd8e972809fe4c358e61a4ad

  • SSDEEP

    6144:R5Ok16o3vLNXMMJmbccld5b2IOIQlNtGZknCiS6cyjeh:RyozqMrLcyjeh

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

Targets

MITRE ATT&CK Enterprise v15

Tasks