General
-
Target
ae90a26f50161558cba0cc3a4e8e5d58b5cbb25cd73b2e433ec8117206981d9c
-
Size
61KB
-
Sample
220724-2g1vcsbbhk
-
MD5
b6b3b7ab04cab7927e043a3a1fe795a6
-
SHA1
c7e23a585698078df1dcc734a78044b04541495c
-
SHA256
ae90a26f50161558cba0cc3a4e8e5d58b5cbb25cd73b2e433ec8117206981d9c
-
SHA512
7d851bf0c9503b64525e5294abda713655169cec57cadc282275c1851cdb253d0fc7968551fb2c0c42f9d70efeb3960ff225328a805f94a83045fe0ed641483f
Malware Config
Extracted
emotet
Epoch3
70.32.94.58:8080
213.138.100.98:8080
144.76.62.10:8080
110.36.234.146:80
51.38.134.203:8080
83.169.33.157:8080
113.52.135.33:7080
93.78.205.196:443
178.249.187.150:7080
216.75.37.196:8080
181.97.70.132:8080
181.47.235.26:993
176.58.93.123:80
80.227.67.18:20
138.197.140.163:8080
190.13.146.47:443
173.249.157.58:8080
192.241.220.183:8080
186.10.16.244:53
181.113.229.139:990
Targets
-
-
Target
ae90a26f50161558cba0cc3a4e8e5d58b5cbb25cd73b2e433ec8117206981d9c
-
Size
61KB
-
MD5
b6b3b7ab04cab7927e043a3a1fe795a6
-
SHA1
c7e23a585698078df1dcc734a78044b04541495c
-
SHA256
ae90a26f50161558cba0cc3a4e8e5d58b5cbb25cd73b2e433ec8117206981d9c
-
SHA512
7d851bf0c9503b64525e5294abda713655169cec57cadc282275c1851cdb253d0fc7968551fb2c0c42f9d70efeb3960ff225328a805f94a83045fe0ed641483f
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M3
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M3
-
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M4
suricata: ET MALWARE Win32/Emotet CnC Activity (POST) M4
-
Drops file in System32 directory
-