General
-
Target
bfdc3d72a69f8b5d91dcd726788840e6aa5d3c748f71ef0cd047de44f85e2798.zip
-
Size
201KB
-
Sample
221130-jt9c6abe25
-
MD5
0f060fc37f9d17756ab42e6cc73665ad
-
SHA1
3ecb76e1417c0cb5e9d02c067e6462b1686114a8
-
SHA256
fa60c4550361260ead810898a96ca3d82e605ff0b7b9d2a18ad69e804012ab24
-
SHA512
0dccc8ce7df63b7494634dd000cbd6298ade7838b4e972e3d82b0532f468d6f67c7df7971079cf7c6763765c60a913cdf6a20520b18983be3adfc61aa12dd992
-
SSDEEP
6144:kjchg9/VE1uuU1Pqrttpy5rnefEcVcCDHK:kjDjE1MkOescy0K
Malware Config
Extracted
emotet
Epoch3
154.120.227.206:8080
212.112.113.235:80
190.117.206.153:443
94.177.253.126:80
70.32.94.58:8080
213.138.100.98:8080
200.55.168.82:20
178.249.187.150:7080
138.197.140.163:8080
203.99.187.137:443
216.75.37.196:8080
176.58.93.123:80
83.169.33.157:8080
192.241.220.183:8080
201.196.15.79:990
144.76.62.10:8080
113.52.135.33:7080
203.99.182.135:443
91.109.5.28:8080
51.38.134.203:8080
Targets
-
-
Target
bfdc3d72a69f8b5d91dcd726788840e6aa5d3c748f71ef0cd047de44f85e2798.exe
-
Size
345KB
-
MD5
cdda16daa0aa2ead514cdfd1c0d912a7
-
SHA1
2f430c35f7f0e817aaddee94059f9bf235135d5f
-
SHA256
bfdc3d72a69f8b5d91dcd726788840e6aa5d3c748f71ef0cd047de44f85e2798
-
SHA512
ed4c5ca6868046af8d13dd533fec97b0000ca4638b01d0a69f101cbd8a24e38c54697d7dd6f75557fe6fd40236e345c28c79a1c08da79d83c851ee04cf4e315c
-
SSDEEP
6144:RK0+TtNydcBikO3AWTfHjz8J4gzUyxAu4HkdiGKWw7+:D+n+cBikJW4J4gzUy2uwkdiT
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Drops file in System32 directory
-