General
-
Target
9913cbaefeef13e2546b6323d0e0b295_JaffaCakes118
-
Size
667KB
-
Sample
240605-yls4jafh7w
-
MD5
9913cbaefeef13e2546b6323d0e0b295
-
SHA1
36c24ee83364161b7304915febe3fa641f3d5b14
-
SHA256
c7a0edf294fdcf09b0b155c368fa80cf2e47b0655a68ae458631864ad9a76786
-
SHA512
d0b8fb2ae3216856d443b3f343871ffcf12072b1fa4f296b61a9d8021fea9f78ca8bfd82e65ccbcdd56154c11090fed0cc1fb7908e0a2a8bfb3e9eadbcf15451
-
SSDEEP
12288:U2JhG//t8C5VCFSoDpaQlHfl6mCiWDaBMFC2oCGsq:U2JC/t8iVNoDgQVN6mCiptHX
Malware Config
Extracted
emotet
Epoch3
116.91.240.96:80
167.71.227.113:8080
190.85.46.52:7080
162.144.42.60:8080
202.166.170.43:80
95.216.205.155:8080
120.51.34.254:80
103.93.220.182:80
111.89.241.139:80
60.125.114.64:443
45.177.120.37:8080
185.86.148.68:443
75.127.14.170:8080
119.92.77.17:80
203.153.216.178:7080
172.96.190.154:8080
179.5.118.12:80
153.229.219.1:443
139.59.12.63:8080
115.79.195.246:80
Targets
-
-
Target
9913cbaefeef13e2546b6323d0e0b295_JaffaCakes118
-
Size
667KB
-
MD5
9913cbaefeef13e2546b6323d0e0b295
-
SHA1
36c24ee83364161b7304915febe3fa641f3d5b14
-
SHA256
c7a0edf294fdcf09b0b155c368fa80cf2e47b0655a68ae458631864ad9a76786
-
SHA512
d0b8fb2ae3216856d443b3f343871ffcf12072b1fa4f296b61a9d8021fea9f78ca8bfd82e65ccbcdd56154c11090fed0cc1fb7908e0a2a8bfb3e9eadbcf15451
-
SSDEEP
12288:U2JhG//t8C5VCFSoDpaQlHfl6mCiWDaBMFC2oCGsq:U2JC/t8iVNoDgQVN6mCiptHX
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-