General

  • Target

    edaf73489a0dba94a393320fed2eb34c608685e54ecc028d6c475c154909e6f7

  • Size

    336KB

  • Sample

    241113-vtp53avqcz

  • MD5

    317644d59865d7746a0686b99f611c2e

  • SHA1

    00c31fb4b8d7054769da7da6f0872a3e414343a4

  • SHA256

    edaf73489a0dba94a393320fed2eb34c608685e54ecc028d6c475c154909e6f7

  • SHA512

    f63292e0773d0656feb3ad47f700771d510754910ef77e03b02d23d75528dd4f0e9dd6698853b39a794a8ee5b044485744adbb7a95f2824b7de9f48b652f8d86

  • SSDEEP

    6144:G3q5crb5h5lp2ZzBUdONOL4BdXE6264/U0RaGBM11tDs7QPvYEEPITFsJ:G3acrplp+yONOsC6pWi11tDqeREPITF

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks