General
-
Target
dd55e4a9449979ce2b1385d681a2829d4f7b5a9c482ecdc58c7a7ca31bf44202
-
Size
251KB
-
Sample
240409-3rsr6sea4t
-
MD5
b97a03287462f8bc34aafe137939abb7
-
SHA1
5104449db38500966cb71dbd22f22c8222a41242
-
SHA256
dd55e4a9449979ce2b1385d681a2829d4f7b5a9c482ecdc58c7a7ca31bf44202
-
SHA512
97427f2f8650da90a2e3aa02f97c69d6478ed1754d54756bdfa06a783f94e7456bebeff5e5e6c8e3dc7e88c80b4cb6df40335abc41bf0c4d28122fd341fba6db
-
SSDEEP
6144:8rp5Ke4yhvvldbG3uc2aIkaGXqd/R/7jAqjwsyS09+ZNJTK:8rp5KenUEdGXqL1ByjaNJ
Malware Config
Extracted
emotet
Epoch3
113.161.176.235:80
88.247.30.64:80
89.163.210.141:8080
139.162.10.249:8080
203.157.152.9:7080
109.99.146.210:8080
78.90.78.210:80
172.193.14.201:80
157.7.164.178:8081
189.211.214.19:443
157.245.145.87:443
180.148.4.130:8080
46.32.229.152:8080
24.245.65.66:80
82.78.179.117:443
177.130.51.198:80
121.117.147.153:443
203.160.167.243:80
172.104.46.84:8080
202.29.237.113:8080
Targets
-
-
Target
dd55e4a9449979ce2b1385d681a2829d4f7b5a9c482ecdc58c7a7ca31bf44202
-
Size
251KB
-
MD5
b97a03287462f8bc34aafe137939abb7
-
SHA1
5104449db38500966cb71dbd22f22c8222a41242
-
SHA256
dd55e4a9449979ce2b1385d681a2829d4f7b5a9c482ecdc58c7a7ca31bf44202
-
SHA512
97427f2f8650da90a2e3aa02f97c69d6478ed1754d54756bdfa06a783f94e7456bebeff5e5e6c8e3dc7e88c80b4cb6df40335abc41bf0c4d28122fd341fba6db
-
SSDEEP
6144:8rp5Ke4yhvvldbG3uc2aIkaGXqd/R/7jAqjwsyS09+ZNJTK:8rp5KenUEdGXqL1ByjaNJ
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
UPX dump on OEP (original entry point)
-
Blocklisted process makes network request
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-