General

  • Target

    6faac707187fa3f8203921e1b919416b362b56f313e53f4a2005fc3bf97b5417

  • Size

    176KB

  • Sample

    241113-wkyxaawlas

  • MD5

    aa59d8c6b269f8bda6f053f4860da14e

  • SHA1

    f755e45df41fb1f65c137f4e281617f9eb091447

  • SHA256

    6faac707187fa3f8203921e1b919416b362b56f313e53f4a2005fc3bf97b5417

  • SHA512

    c8b521e4737c29f9a5d14cc6e520e3b702ea73f6a002bb15d921100ed8030ca1a8eace4567a88bb8c101ddbbf3809508c425ad1b33acbdb7941401768e08f248

  • SSDEEP

    3072:RxFrVZ8wIRbLlPljFpCXDC8uPF+qZqcLknKtntNf98JvpjQqDbfoF:RLr/8w2bLlNB8uPLxVtntNfWJvZQO

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

rsa_pubkey.plain
