General
-
Target
5644109d6059243423970addcbf08a51_JaffaCakes118
-
Size
212KB
-
Sample
240518-xf4gmsad99
-
MD5
5644109d6059243423970addcbf08a51
-
SHA1
9551f1eb218352e81048e8f5ad25ffa882e1b3f5
-
SHA256
e2c91d242f90bf3995e997ca10d4cff3857060e83297261d9a172ecd7548dfae
-
SHA512
dd011d99b5efe68928573eecdce977c7b9bbb89400d0fc066ab6dfc32a607d080f4991ab60f786c5d8d33ce1d2f3e54a9c3ebcf38b05b97120f54aa95464ded6
-
SSDEEP
6144:st2cIO6qzfzNrZclqpz9OWKMN+yt4gRLzUqaN0Q:g3+wEOZza
Malware Config
Extracted
emotet
Epoch3
83.169.33.157:8080
222.239.249.166:443
217.26.163.82:7080
91.205.173.54:8080
5.189.148.98:8080
187.177.155.123:990
172.245.13.50:8080
193.34.144.138:8080
119.159.150.176:443
143.95.101.72:8080
191.100.24.201:50000
139.162.185.116:443
195.201.56.68:7080
23.253.207.142:8080
192.163.221.191:8080
162.144.46.90:8080
103.205.177.229:80
190.189.79.73:80
163.172.97.112:8080
138.197.140.163:8080
Targets
-
-
Target
5644109d6059243423970addcbf08a51_JaffaCakes118
-
Size
212KB
-
MD5
5644109d6059243423970addcbf08a51
-
SHA1
9551f1eb218352e81048e8f5ad25ffa882e1b3f5
-
SHA256
e2c91d242f90bf3995e997ca10d4cff3857060e83297261d9a172ecd7548dfae
-
SHA512
dd011d99b5efe68928573eecdce977c7b9bbb89400d0fc066ab6dfc32a607d080f4991ab60f786c5d8d33ce1d2f3e54a9c3ebcf38b05b97120f54aa95464ded6
-
SSDEEP
6144:st2cIO6qzfzNrZclqpz9OWKMN+yt4gRLzUqaN0Q:g3+wEOZza
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Drops file in System32 directory
-