General
-
Target
2024-02-05_15697a37a8ff11189a07bd81e78a72c4_icedid
-
Size
288KB
-
Sample
240205-tvgdwabhg6
-
MD5
15697a37a8ff11189a07bd81e78a72c4
-
SHA1
63cbf427247cdf560a129c3808791ab11da319f7
-
SHA256
7f37e01cfe1d04671b9b0d3008be747a2416c23fd241fd749e364a2f9c580075
-
SHA512
0745998b81a0aadbaab6029bd80d91f6c033f64d687604208657f74b13106f280c71099b7eb9d6204a8264a722070010d0613e26fccb0f2a0c2a9612449430d9
-
SSDEEP
6144:cxuEQzDMJ8fvZsOB/my5tSj2u6608w015Lu2U8akU50ncxav:cx/RJ83//my/huk8wecIake0ncxa
Malware Config
Extracted
emotet
Epoch2
47.144.21.37:80
181.171.209.241:443
200.111.198.76:80
185.201.9.197:8080
64.207.182.168:8080
155.186.9.160:80
74.128.121.17:80
78.24.219.147:8080
110.142.236.207:80
72.186.136.247:443
87.106.139.101:8080
119.59.116.21:8080
167.114.153.111:8080
202.134.4.211:8080
58.1.242.115:80
161.0.153.60:80
50.91.114.38:80
62.30.7.67:443
208.74.26.234:80
172.104.97.173:8080
Targets
-
-
Target
2024-02-05_15697a37a8ff11189a07bd81e78a72c4_icedid
-
Size
288KB
-
MD5
15697a37a8ff11189a07bd81e78a72c4
-
SHA1
63cbf427247cdf560a129c3808791ab11da319f7
-
SHA256
7f37e01cfe1d04671b9b0d3008be747a2416c23fd241fd749e364a2f9c580075
-
SHA512
0745998b81a0aadbaab6029bd80d91f6c033f64d687604208657f74b13106f280c71099b7eb9d6204a8264a722070010d0613e26fccb0f2a0c2a9612449430d9
-
SSDEEP
6144:cxuEQzDMJ8fvZsOB/my5tSj2u6608w015Lu2U8akU50ncxav:cx/RJ83//my/huk8wecIake0ncxa
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-