General
-
Target
289a266d0b29dda89b92b7d70c151e0b_JaffaCakes118
-
Size
104KB
-
Sample
240509-gpmmgsde61
-
MD5
289a266d0b29dda89b92b7d70c151e0b
-
SHA1
5550915d12bd20550b6c403b094177c45448cfe4
-
SHA256
45274ad93a17948458621580a8d21dab3194fb47b76dec2d8db4b06fb3d8aefd
-
SHA512
8765ba6cbfb43085e52536332426516e9202e86aba72e8301974a61a6098a90329286398ea7c0e6b46cb788c1767bb627695ab378e44e781315a5421ecdc893d
-
SSDEEP
3072:iNOlUI7W7YDweSGXAhg5domGX9LpV049iBVBJ53Mj:AwUIyawev5ddGNVe49M7Lm
Malware Config
Extracted
emotet
Epoch3
115.176.16.221:80
45.79.16.230:7080
145.239.169.32:7080
190.85.46.52:7080
180.26.62.115:443
179.5.118.12:80
189.160.188.97:80
5.79.70.250:8080
126.126.139.26:443
41.84.243.145:80
79.133.6.236:8080
139.59.12.63:8080
95.216.205.155:8080
45.177.120.37:8080
54.38.143.245:8080
157.7.164.178:8081
41.212.89.128:80
50.116.78.109:8080
75.127.14.170:8080
49.243.9.118:80
Targets
-
-
Target
289a266d0b29dda89b92b7d70c151e0b_JaffaCakes118
-
Size
104KB
-
MD5
289a266d0b29dda89b92b7d70c151e0b
-
SHA1
5550915d12bd20550b6c403b094177c45448cfe4
-
SHA256
45274ad93a17948458621580a8d21dab3194fb47b76dec2d8db4b06fb3d8aefd
-
SHA512
8765ba6cbfb43085e52536332426516e9202e86aba72e8301974a61a6098a90329286398ea7c0e6b46cb788c1767bb627695ab378e44e781315a5421ecdc893d
-
SSDEEP
3072:iNOlUI7W7YDweSGXAhg5domGX9LpV049iBVBJ53Mj:AwUIyawev5ddGNVe49M7Lm
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-