General

  • Target

    a3ac744ccb6968ca4722ddb8fc136ebdb1ef6e7b6c631572a474ad1430a17d02

  • Size

    628KB

  • Sample

    241113-wtcemswmbw

  • MD5

    400d169f2435e1a4d498096958d44b60

  • SHA1

    cd044de2b5b680e0d5ff37db460c4360a8aba8d2

  • SHA256

    a3ac744ccb6968ca4722ddb8fc136ebdb1ef6e7b6c631572a474ad1430a17d02

  • SHA512

    6bb4abb4bda6991dfc75ff26966974d624cf2f2e245e0dddea10b23f0cb8a7e3537e9c90b8ce0294e4909abd0056b81cc7755b857d1294f954142b6f9943f32b

  • SSDEEP

    6144:f5FdA9+3bkRQIwYEgRy2k46fifqlADZ/c+eqoYLzaWSDWN3nxyhXk:fvdA9SGh9rBylUpeqhataRnxr

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

rsa_pubkey.plain
