General

  • Target

    adb14ebf95cf0e43c25066e3d20f0a2c2ab34a64ad7d6c2230d6f1fbab3f854c

  • Size

    428KB

  • Sample

    241113-wqny9swlfz

  • MD5

    01d917afa278b7d4e1f0373248788a53

  • SHA1

    08081cfec3aefa0e2400c153abe5dfa773624421

  • SHA256

    adb14ebf95cf0e43c25066e3d20f0a2c2ab34a64ad7d6c2230d6f1fbab3f854c

  • SHA512

    c8ded63811e466f579159e7c3aa2236f56db7d040185e3e01fd72d0162d6ee1b248e87bc4ae6d0a962ae5e6a656b76f9083e3f19af6701ab8019046497f2c1c0

  • SSDEEP

    12288:+61KBnflNHOvmzIeCHM3/qJd60gmoP1jjv08/adpUu:+6wXCs3/qJd60gmoP1jjv08/ipUu

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain
