General

  • Target

    54302124b6ff341959692151dce8679bcf84b9335d76ada4b6c3c63cd0eb9a99

  • Size

    688KB

  • Sample

    241120-2lb2sszjfp

  • MD5

    fa993e54505df5963c4985d9c0ac728a

  • SHA1

    b1093b87a287515d6b61ca5aa638b4d663893687

  • SHA256

    54302124b6ff341959692151dce8679bcf84b9335d76ada4b6c3c63cd0eb9a99

  • SHA512

    7d01541ba217b5764df3bc43ce7f20c5a78dfecd964651540373a3febdf9688d8feb7ab7a28bb821f1663fd093c3445e470cb3ede0cde7def25db8584c96d674

  • SSDEEP

    12288:qI5z0DLVQP+GFv1iQ3Gf0TzZbMhLshD0WBDJdajFVNgvDeD7T6400v6p:Zz0lQG2m0TzZK4hhJduFVNgyT/Q

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

rsa_pubkey.plain
