General
-
Target
245ddb53f9821f9397b1a7c6392d31fa10af8eb0c4651cd8b6b4c17354a72fc5
-
Size
280KB
-
Sample
220521-xx8spacge5
-
MD5
731266b66eb0ec8a2eb7295381941616
-
SHA1
137b273614e41ffd8a71f484c9a565cb51734212
-
SHA256
245ddb53f9821f9397b1a7c6392d31fa10af8eb0c4651cd8b6b4c17354a72fc5
-
SHA512
9a36111053949e05484f07be830e82fdb6b2a5234b9d0a8d54249e543b2dc6d08bb6e2256aaa6a98e6d15eedfd1d7afa3b95be804782598442cc9b1f23c1fde7
Malware Config
Extracted
emotet
Epoch2
137.119.36.33:80
116.202.234.183:8080
69.30.203.214:8080
204.197.146.48:80
87.106.136.232:8080
153.163.83.106:80
91.211.88.52:7080
93.147.212.206:80
222.214.218.37:4143
189.212.199.126:443
203.153.216.189:7080
83.169.36.251:8080
188.83.220.2:443
104.236.246.93:8080
173.62.217.22:443
5.196.74.210:8080
68.188.112.97:80
139.130.242.43:80
61.19.246.238:443
24.179.13.119:80
Targets
-
-
Target
245ddb53f9821f9397b1a7c6392d31fa10af8eb0c4651cd8b6b4c17354a72fc5
-
Size
280KB
-
MD5
731266b66eb0ec8a2eb7295381941616
-
SHA1
137b273614e41ffd8a71f484c9a565cb51734212
-
SHA256
245ddb53f9821f9397b1a7c6392d31fa10af8eb0c4651cd8b6b4c17354a72fc5
-
SHA512
9a36111053949e05484f07be830e82fdb6b2a5234b9d0a8d54249e543b2dc6d08bb6e2256aaa6a98e6d15eedfd1d7afa3b95be804782598442cc9b1f23c1fde7
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M8
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M9
-
Emotet Payload
Detects Emotet payload in memory.
-