General
-
Target
10543736707.zip
-
Size
134KB
-
Sample
230527-snretscf6z
-
MD5
37598302c14e6c7c22a4458f56d19de0
-
SHA1
9135e18007ee17652c13111433cc5aeda29d5e13
-
SHA256
f7440c8ce6d5534cbe6ef1fb144258425f4b4a093ccf85c8ba72984e4f06c1bb
-
SHA512
18bf45a4fa4f1250beb151684a4618468ab7e3ddff564bd55037acb51a7ffa044c2c1eb6c569f840b28a8f33eef7a67fbc20bd488ef6312b2b010ab14a4c20a0
-
SSDEEP
3072:5bvo4qX8uBmrl155WIcGKTrBnxugV/ugipp+KpAJrQLb7LjiHQw:VwVX8uuJ5WmCrBwgV/UpmoSl
Malware Config
Extracted
emotet
Epoch1
63.248.198.8:80
189.19.81.181:443
130.204.247.253:80
96.126.121.64:443
104.236.137.72:8080
85.234.143.94:8080
51.255.165.160:8080
118.36.70.245:80
190.210.184.138:995
188.135.15.49:80
139.162.118.88:8080
72.29.55.174:80
68.183.170.114:8080
181.231.62.54:80
192.241.146.84:8080
71.76.45.83:443
63.246.252.234:80
37.211.49.127:80
74.59.187.94:80
5.88.27.67:8080
Targets
-
-
Target
1ac5bea25241af9ca0f91c10a0c6a368791b18532e518cd250964f6e86d412a1
-
Size
212KB
-
MD5
2323a3cf2de4c6fcc00d2f9c3d1d80f0
-
SHA1
49180a288f441fa9fc95f4f7323b8f9953f998c6
-
SHA256
1ac5bea25241af9ca0f91c10a0c6a368791b18532e518cd250964f6e86d412a1
-
SHA512
824c191b87fa9701add33b195d07b21645b4ab1ba46a4b08ac754de006630889ae063d7d810a2014844d99a22952cac738bf3e2509b8a04b25c2be701a60e1a2
-
SSDEEP
3072:YqHuHOn5SmyOMHudWmChnh7oMFHo/BcMir6epWu54tItpR:YqOK5SmyOH8F4cyepWy
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Drops file in System32 directory
-