General

  • Target

    5f0b4b65f1f154403626653b114080f2b860dcda36dce06566b6422b6bc0859f

  • Size

    728KB

  • Sample

    241120-wmv86s1emq

  • MD5

    1146e5bbd86c5ffb8dd4432e310458a1

  • SHA1

    9802734e7ba2116b03a1463cbccd7844b8285388

  • SHA256

    5f0b4b65f1f154403626653b114080f2b860dcda36dce06566b6422b6bc0859f

  • SHA512

    64b017e7629a24c26136989e502e4645e49cd0887196de8c550a56d117b458f4affb4bf67324dfd93a075869984ce296112af3ee9cd4c1f27c46c6e28a6af6dc

  • SSDEEP

    12288:aIabL1+x29hs+bDBLKhKmCKzTrjJi0I8PxiGhWzx+o8/NQfN7IT5p:XabLXhs7AZKzvj0T0hWzP8/yfRIT3

Malware Config

Extracted

Family

emotet

Botnet

Epoch5

C2


eck1.plain
ecs1.plain
