General

  • Target

    8491c361ea39b65dd6a4074064e72b8ed2cce328de3234f8ed7726ad306b11df

  • Size

    336KB

  • Sample

    241113-v98mcawjbw

  • MD5

    53fd391b90fc742b426a864a4ad44620

  • SHA1

    89a75dda01f94efca5c8af0ca164eaa00e96f1b3

  • SHA256

    8491c361ea39b65dd6a4074064e72b8ed2cce328de3234f8ed7726ad306b11df

  • SHA512

    bf91a05f091a1a6e2e363fe59df850c860e0fb24fde9ce1b1ac91bae4f8f872e101a5b6f73ae399ce98342f66d37f2de5d0cceb2ec09dbed93b279f678e08895

  • SSDEEP

    6144:er7hkh9eL5b+ZTTTBx+Dqn9iin9dgn9BvortTo5+NTb:enbL8TTTBx+Dqn9iin9dgn9BvonNTb

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2


rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks