General

  • Target

    dbdb6adc78ad19706179a8584f81f0832e620f7b59d60d7707981a56e996c739.exe

  • Size

    60KB

  • Sample

    241124-s8mblssqar

  • MD5

    b05a6938adfad590fb1d614440e8dd1f

  • SHA1

    b417cc32d29546f346a078ef8460e48791fe1581

  • SHA256

    dbdb6adc78ad19706179a8584f81f0832e620f7b59d60d7707981a56e996c739

  • SHA512

    efc9928f243ddc74f367a01f06e8b9c4dc51959b4da939f5c45e5ff3f503d73ee2efc5a9494d52c896509d0dd6640601956e9649431183294bd099451e9d7ab4

  • SSDEEP

    1536:t0LOjAh58gCsdJL6jYFO2sZgKW+Vf2r4Cl:vjAhYsdF6jAO2xp+VVCl

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

Targets

MITRE ATT&CK Enterprise v15

Tasks