Emotet Payload C2 Network IOC August 2018 Week 3 Campaign

Article by Vishal Thakur

Here is a list of all the current C2 IPs that are being used in the latest Emotet Campaign.

Ip Address	Port	Country	City	Status
199.0.205.131	443	United States	Concordia	Valid
50.244.180.57	80	United States	Hialeah	Valid
68.117.154.235	80	United States	Birmingham	Valid
172.114.12.186	80	United States	Bellflower	Valid
71.222.28.66	80	United States	Las Vegas	Valid
70.31.145.0	80	Canada	Toronto	Valid
72.46.213.222	80	United States	Sugar Land	Valid
212.129.56.179	80	France		Valid
199.119.78.19	80	United States	Dallas	Valid
149.62.173.247	80	Spain		Valid
67.53.103.202	80	United States	Tehachapi	Valid
70.182.9.95	80	United States	Lafayette	Valid
38.29.209.76	80	United States	San Carlos	Valid
46.105.131.69	80	France	Roubaix	Valid
95.141.175.240	80	United Kingdom	Richmond	Valid
70.124.45.152	80	United States	Edinburg	Valid
142.255.116.215	80	United States	New York	Valid
71.244.60.231	80	United States	Plano	Valid
194.150.118.8	80	Bulgaria	Sofia	Valid
68.132.248.98	80	United States	Springfield Gardens	Valid
201.229.10.109	80	Aruba	Noord	Valid
194.88.246.242	443	France		Valid
216.21.168.27	80	United States	Kansas City	Valid
27.50.89.209	80	Australia	Dromana	Valid
174.113.155.237	80	Canada	Ottawa	Valid
46.105.131.87	80	France	Roubaix	Valid
68.97.124.74	80	United States	Oklahoma City	Valid
199.119.78.38	443	United States	Dallas	Valid
73.52.173.117	50000	United States	Kaysville	Valid
173.175.154.68	443	United States	El Paso	Valid
192.119.217.134	80	United States	Ottawa	Valid
174.106.101.58	80	United States	Fayetteville	Valid
189.190.199.2	20	Mexico	Puebla City	Valid
72.23.181.97	7080	United States	Meadville	Valid
189.194.251.114	80	Mexico	Toluca	Valid
146.185.170.222	80	Netherlands		Valid
157.7.164.23	80	Japan	Tokyo	Valid
118.244.214.210	443	China		Valid
108.170.54.171	80	United States	Tempe	Valid
199.119.78.9	80	United States	Dallas	Valid
222.214.218.192	4143	China	Wanyuan	Valid
78.47.182.42	80	Germany	Gunzenhausen	Valid
2.90.246.63	443	Saudi Arabia	Riyadh	Valid

SHA256: e1c94ec2b51a9998f3c804cd4c6d6a8e3408f6442f1060ca5d5f5db0c1a53dc3

_malienist_

Search This Blog

Emotet Payload C2 Network IOC August 2018 Week 3 Campaign

Labels

Comments

Post a Comment

Popular posts from this blog

Grinju Downloader: Anti-analysis (on steroids) | Part 2

Grinju Downloader: Anti-analysis (on steroids) | Part 1

TrickBot C2i and Configs March 2019