ioc[.]one - OSINT Cyber Threat Intelligence Database

Emotet Summary: November 2021 Through January 2022

Tags

country:	Italy United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Installer Packages - T1546.016 Ip Addresses - T1590.005 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Software - T1592.002 Powershell - T1086 Rundll32 - T1085

Show in Graph

Common Information

Type	Value
UUID	c42a3c1b-1c19-4c41-b352-a9e6f2f1835c
Fingerprint	a018986529750b97
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 17, 2022, 1 p.m.
Added to db	Sept. 11, 2022, 12:45 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Emotet Summary: November 2021 Through January 2022
Title	Emotet Summary: November 2021 Through January 2022
Detected Hints/Tags/Attributes	88/3/114

Source URLs

	Redirection	Url
Details	Source	https://unit42.paloaltonetworks.com/emotet-malware-summary-epoch-4-5/

URL Provider

Details	Provider	Source level domain
Details	paloaltonetworks.com	unit42.paloaltonetworks.com

Attributes

Details	Type	#Events	Value
Details	Domain	831	example.com
Details	Domain	1	thegreenlantern.net
Details	Domain	97	abuse.ch
Details	Domain	1	435.zip
Details	Domain	1	1811.zip
Details	Domain	1	18112021.zip
Details	Domain	1	433492807279.zip
Details	Domain	1	763325738862.zip
Details	Domain	1	jamaateislami.com
Details	Domain	1	voltaicplasma.com
Details	Domain	1	linebot.gugame.net
Details	Domain	1	lpj917.com
Details	Domain	1	html.gugame.net
Details	Domain	1	xanthelasmaremoval.com
Details	Domain	1	giadinhviet.com
Details	Domain	1	hispanicaidgroup.org
Details	Domain	1	locstorageinfo.z13.web.core.windows.net
Details	Domain	1	www.thebanditproject.com
Details	Domain	1	mustache.webstory.sa
Details	Domain	1	vdevigueta.com
Details	Domain	1	bujogradba.com
Details	Domain	1	daxinghuo.com
Details	Domain	1	masl.cn
Details	Domain	1	goodmarketinggroup.com
Details	Domain	1	mammy-chiro.com
Details	Domain	1	bluetoothheadsetreview.xyz
Details	Domain	1	topline36.xyz
Details	Domain	88	malware-traffic-analysis.net
Details	Email	1	alan.scott@thegreenlantern.net
Details	File	409	c:\windows\system32\cmd.exe
Details	File	1	c:\programdata\sdfhiuwu.bat
Details	File	1018	rundll32.exe
Details	File	18	3.zip
Details	File	2	9.zip
Details	File	1	435.zip
Details	File	1	1811.zip
Details	File	1	18112021.zip
Details	File	1	433492807279.zip
Details	File	1	763325738862.zip
Details	File	6	3.doc
Details	File	3	9.doc
Details	File	1	435.doc
Details	File	1	1811.doc
Details	File	1	18112021.doc
Details	File	1	433492807279.doc
Details	File	1	763325738862.doc
Details	File	1	c:\programdata\1245045870.dll
Details	File	12	web.core
Details	File	1	wsprotocol.exe
Details	File	1	rep_1671971987654103376.xls
Details	File	3	_.html
Details	File	1	pp.png
Details	File	7	c:\users\public\documents\ssd.dll
Details	File	1	06028_2603.xlsm
Details	sha256	1	a1ab66a0fbb84a29e5c7733c42337bc733d8b3c11e2d9f9e4357f47fb337c4d5
Details	sha256	1	176cfa7f0742d5a79b9cfbf266c437b965fc763cf775415ca251c6bb2dd5e9e5
Details	sha256	1	6c34e373479e1a7485025dc3ffa5d23db999aea83e4f3759bd8381fb88e2bbbf
Details	sha256	1	8dc28ac1c66f3d17794bb0059445f4deb9db029eb6d4ea1adca734d035bdaecf
Details	sha256	1	4668e7d6bdb00fb80807ed91eef5ac9f6ba0dfd50d260d3e0240847b0ec16f69
Details	sha256	1	bfdad57171267921a678ba9d86fd096c00197524698cc03a84d2cfeefdca5587
Details	sha256	1	66c34636aaf73f74df8da9981ca6054eb4143d1761dbde8e0e83899805590db2
Details	sha256	1	304fba4a048904744d6d1c4d8bfd5d7b4019c2c45aba0499d797ee0d6807dfa8
Details	sha256	1	e5f3a7e75c03d45462992b0a973e7e25b533e293724590c9eb34f5ee729039b0
Details	sha256	1	0cacc247469125b5e0977b9de9814db0eb642c109ca5d13ee9c336aef2ec4c19
Details	sha256	1	801ec1ec71051838efe75fd89344b676fa741d9e7718e534f119c57a899f4792
Details	sha256	1	cbddc8fea92cdf40f8efac2fe8fa534d52d90cccecbb914f3827002f680da98a
Details	sha256	1	fccaf2af38484493d763b0ea37e68a40eb6def3030cfa975fa8d389e96b49378
Details	sha256	1	d655ab6b9350ec4f64c735cd23be62ca87d49165b244cefe75ad0dbb061de3d4
Details	sha256	1	555dff455242a5f82f79eecb66539bfd1daa842481168f1f1df911ac05a1cfba
Details	sha256	1	450cba4a0f2b8c14dee55c33c9c0f522a4dddd1b463e39e8e736ed37dc2fac74
Details	sha256	1	7c55c3656184b145b3b3f6449c05d93fa389650ad235512d2f99ee412085cf3a
Details	sha256	1	36a81cd64e7649d9f91925194e89e8463c980682596eef19c4f5df6e1ac77b2a
Details	sha256	1	a04714dcfad52b9dbf2f649810a6c489c5eb2a15118043f0173571310597b8cb
Details	sha256	1	fcf5500a8b46bf8c7234fb0cc4568e2bd65b12ef8b700dc11ff8ee507ba129da
Details	sha256	1	97ebdff655fa111863fbd084f99187c9b6b369fe88fdb1333f8b89aac09fc48d
Details	sha256	1	a08271fe6d67cc6cf678683f58e22412e6872a985a03b8444584bea57aa3cbb7
Details	sha256	1	7c35902055f69af2cbb6c941821ceba3d79b2768dd2235c282b195eb48cc6c83
Details	sha256	1	292826fa66737d718d0d23f5842dc88e05c8ba5ade7e51212dded85137631b31
Details	sha256	1	4978285fc20fb2ac2990a735071277302c9175d16820ac64f326679f162354ff
Details	IPv4	5	51.178.61.60
Details	IPv4	1	103.161.172.108
Details	IPv4	2	122.129.203.163
Details	IPv4	9	46.55.222.11
Details	IPv4	2	163.172.50.82
Details	IPv4	1	87.251.86.178
Details	IPv4	2	54.37.212.235
Details	IPv4	1	144.202.34.169
Details	IPv4	1	41.226.30.6
Details	IPv4	2	45.138.98.34
Details	IPv4	3	62.141.45.103
Details	IPv4	1	161.97.77.73
Details	Url	1	http://jamaateislami.com/wp-admin/fkyniherz1
Details	Url	1	http://voltaicplasma.com/wp-includes/wkcypdihyc8bitpn444b
Details	Url	1	http://linebot.gugame.net/images/rx6mvscggr
Details	Url	1	http://lpj917.com/wp-content/cc4kg1mdr4xawp91sja
Details	Url	1	http://html.gugame.net/img/5xubiriq4s3etkev67ebn
Details	Url	1	http://xanthelasmaremoval.com/wp-includes/vvvcpysrtggjqqfgjxbs
Details	Url	1	http://giadinhviet.com/pdf/log_in/8kqbfuyohsdrgcjx
Details	Url	1	http://hispanicaidgroup.org/ufay0vq/kewigzwt
Details	Url	1	https://locstorageinfo.z13.web.core.windows.net/ioocceneen.appinstaller
Details	Url	1	https://locstorageinfo.z13.web.core.windows.net/ioocceneen.appxbundle
Details	Url	1	http://www.thebanditproject.com/wp-content/bvzk54pfscqkio6
Details	Url	1	http://87.251.86.178/pp/_.html
Details	Url	1	http://87.251.86.178/pp/pp.png
Details	Url	1	http://mustache.webstory.sa/wp-includes/crwe2pkxasj
Details	Url	1	https://vdevigueta.com/wp-admin/qyowd7kpd6jx
Details	Url	1	http://bujogradba.com/5tvjjl/qip8h0w5gmr5p9fgiw
Details	Url	1	https://daxinghuo.com/get/ou8lm4p
Details	Url	1	http://masl.cn/1/4ilcpoj6pjtsj3ear
Details	Url	1	http://goodmarketinggroup.com/newish/562_9559085
Details	Url	1	http://goodmarketinggroup.com/newish/562_9559085/?i=1
Details	Url	1	http://mammy-chiro.com/case/ztkbzbz
Details	Url	1	http://bluetoothheadsetreview.xyz/wp-includes/xmdhaggfki
Details	Url	1	http://topline36.xyz/wp-includes/css/bb9ajvjs89u9o