General
-
Target
4579bca4d958f8aef3cb870f2129d3932437685278a0b3daef7f66592b50aa98
-
Size
448KB
-
Sample
220521-xbg3vaefdj
-
MD5
4f43483f5f7151ca32566a8425d0b825
-
SHA1
d0963c5fc1fa71906adceed34a377c9432f054c1
-
SHA256
4579bca4d958f8aef3cb870f2129d3932437685278a0b3daef7f66592b50aa98
-
SHA512
fbf675f445881ba7e46ba5bebeda537dcc24af2689d897c6f164a973d25b08c06d0eb11dda681adf4ba291862796b9d6e66d7ce21524956a7ae890cb1422f187
Malware Config
Extracted
emotet
Epoch1
174.100.27.229:80
209.126.6.222:8080
5.153.250.14:8080
192.241.146.84:8080
95.9.180.128:80
77.55.211.77:8080
85.105.140.135:443
45.33.77.42:8080
77.90.136.129:8080
94.176.234.118:443
190.163.31.26:80
190.6.193.152:8080
190.181.235.46:80
81.198.69.61:80
188.2.217.94:80
114.109.179.60:80
83.169.21.32:7080
137.74.106.111:7080
212.231.60.98:80
170.81.48.2:80
Targets
-
-
Target
4579bca4d958f8aef3cb870f2129d3932437685278a0b3daef7f66592b50aa98
-
Size
448KB
-
MD5
4f43483f5f7151ca32566a8425d0b825
-
SHA1
d0963c5fc1fa71906adceed34a377c9432f054c1
-
SHA256
4579bca4d958f8aef3cb870f2129d3932437685278a0b3daef7f66592b50aa98
-
SHA512
fbf675f445881ba7e46ba5bebeda537dcc24af2689d897c6f164a973d25b08c06d0eb11dda681adf4ba291862796b9d6e66d7ce21524956a7ae890cb1422f187
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9
-
Emotet Payload
Detects Emotet payload in memory.
-