General
-
Target
d065af6e650d3f6228a1bbe5cae78e79f876e89c3a0cabafa100dd80f8426c88
-
Size
65KB
-
Sample
220306-smqf5sddfk
-
MD5
0cc17238884c9c6ce174237493e47d53
-
SHA1
e12b733dff4cb07b8944d861bf0fc006e092f5a2
-
SHA256
d065af6e650d3f6228a1bbe5cae78e79f876e89c3a0cabafa100dd80f8426c88
-
SHA512
f99fc1412b1b16896fde1c86a335abe9030ee06841d11539b8f49bfa4250bf4a255b55b248ac8246fee865dcb187e0719b56501363e7e3e8d028d4704ce8e05c
Malware Config
Extracted
emotet
Epoch2
212.129.24.79:8080
37.187.2.199:443
173.249.47.77:8080
182.176.132.213:8090
95.128.43.213:8080
190.145.67.134:8090
46.105.131.87:80
152.89.236.214:8080
190.53.135.159:21
103.39.131.88:80
198.199.114.69:8080
212.71.234.16:8080
206.189.98.125:8080
47.41.213.2:22
92.222.216.44:8080
169.239.182.217:8080
178.210.51.222:8080
67.225.229.55:8080
104.236.246.93:8080
69.164.201.54:8080
Targets
-
-
Target
d065af6e650d3f6228a1bbe5cae78e79f876e89c3a0cabafa100dd80f8426c88
-
Size
65KB
-
MD5
0cc17238884c9c6ce174237493e47d53
-
SHA1
e12b733dff4cb07b8944d861bf0fc006e092f5a2
-
SHA256
d065af6e650d3f6228a1bbe5cae78e79f876e89c3a0cabafa100dd80f8426c88
-
SHA512
f99fc1412b1b16896fde1c86a335abe9030ee06841d11539b8f49bfa4250bf4a255b55b248ac8246fee865dcb187e0719b56501363e7e3e8d028d4704ce8e05c
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M2
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M2
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M3
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M3
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M4
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M4
-
Drops file in System32 directory
-