General

  • Target

    8f9e35e500a1b52b84a4df065515be30d5b1e22c1e9bc98ebd7616ddd7a3cd97

  • Size

    108KB

  • Sample

    241113-vv5xxawfkn

  • MD5

    6677e2062fc2584f03e994693a15f9be

  • SHA1

    f502a4adc28ad5928a386375dc965465f410ebf3

  • SHA256

    8f9e35e500a1b52b84a4df065515be30d5b1e22c1e9bc98ebd7616ddd7a3cd97

  • SHA512

    1b737949bc36a5e696050cca1803101cbeaf7d28a06c3e11e3423af05a0f82d0febae7a79a713dcc80daa81f217772ec4e99d23094a93c749bffde968d653f5f

  • SSDEEP

    1536:CbqV8t0Wnc8bgJVFdoMN4vrkZ69F1220dedM12iROY:CbqmyJjdwTLD122ks35Y

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

MITRE ATT&CK Enterprise v15

Tasks