General
-
Target
6382e60479cb0ab0cf9fbf6b456d5580_JaffaCakes118
-
Size
425KB
-
Sample
240521-q5l6bsgc3w
-
MD5
6382e60479cb0ab0cf9fbf6b456d5580
-
SHA1
62fba9c60d2374a9d1d300638795ac0fc8297c98
-
SHA256
8ac484407e6f7e10e97b5b32f72494cf0099ad3b7a1c2ed6f09b6856a963fd8b
-
SHA512
09367269f7668f004e0b5ea4d1235a39439d0893c58cf2f6db09ece2fae1c4a04051fe19049c8054a726e58f5876a338ce01216e9dbd84fbe25372f17cf487d9
-
SSDEEP
6144:6riTApO8CLavbVUGXjDsDaKaIwLnhc/WGLeGFL7h11UOvTmgyyyyyyyyyyyyyyyg:DGXqzacuGfFxUO7mQDi+6Y
Malware Config
Extracted
emotet
Epoch3
186.159.246.121:80
201.210.70.8:8080
46.105.131.68:8080
192.163.221.191:8080
124.150.175.133:80
5.189.148.98:8080
95.216.207.86:7080
189.145.6.189:80
212.112.113.235:80
187.143.219.242:8080
189.132.130.111:8080
190.96.118.15:443
190.217.1.149:80
172.104.70.207:8080
42.190.4.92:443
152.170.220.95:80
203.99.188.11:443
216.75.37.196:8080
190.55.39.215:80
185.45.24.254:7080
Targets
-
-
Target
6382e60479cb0ab0cf9fbf6b456d5580_JaffaCakes118
-
Size
425KB
-
MD5
6382e60479cb0ab0cf9fbf6b456d5580
-
SHA1
62fba9c60d2374a9d1d300638795ac0fc8297c98
-
SHA256
8ac484407e6f7e10e97b5b32f72494cf0099ad3b7a1c2ed6f09b6856a963fd8b
-
SHA512
09367269f7668f004e0b5ea4d1235a39439d0893c58cf2f6db09ece2fae1c4a04051fe19049c8054a726e58f5876a338ce01216e9dbd84fbe25372f17cf487d9
-
SSDEEP
6144:6riTApO8CLavbVUGXjDsDaKaIwLnhc/WGLeGFL7h11UOvTmgyyyyyyyyyyyyyyyg:DGXqzacuGfFxUO7mQDi+6Y
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Loads dropped DLL
-
Drops file in System32 directory
-