General

  • Target

    ea6291e5bb4049b93ff28c9fb5dc80034f378402809da11e49159ea77bd098b3

  • Size

    923KB

  • Sample

    241113-vs55wswerl

  • MD5

    ce5a1c4c619ee10a8d6cffae32cee9b4

  • SHA1

    1649c63cd00d13c8639ab894f217a9671a7e91f2

  • SHA256

    ea6291e5bb4049b93ff28c9fb5dc80034f378402809da11e49159ea77bd098b3

  • SHA512

    90ac3f8c60bd21351a8eab9588564d4188b2d10f974739c7e4c72a50a3408cfbdffa60ae82e4d463d52e1e189877a568e0cf48e2712949ba80c78bce904b6d3c

  • SSDEEP

    12288:1MlCHIWMOZkzNxP+KngRYq3Ocs5PFCJbjhK+pfwf0LqiVN:SCpZkiKngRYbcUYXhK+pfwsLq6

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain
