General

  • Target

    6a1da2e21bc751d7fb405cc778d181aa2c851c1668aeb51547bc075eef2d6577

  • Size

    548KB

  • Sample

    241120-zq6e4atja1

  • MD5

    69d52e52e7d53f5ae1531644e70296ce

  • SHA1

    504a273561d0cb00dc3e9ac9c94e6c318b357df9

  • SHA256

    6a1da2e21bc751d7fb405cc778d181aa2c851c1668aeb51547bc075eef2d6577

  • SHA512

    608aee4ffa08fab945547d2244ec5fca0bf03ac752aa390e62169b79fe4088e82cb2f2a3994b6e5cdc316d00a001a2279ee6b670096af65f7b967f76bf4e6421

  • SSDEEP

    12288:qfwnCEt99LOWblnZUO5EtcrQ4+UtI9z6J5t:qfutrKynZpUcJqQ

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

rsa_pubkey.plain
