General
-
Target
9e72fd316e2ce221baec29b388409100_JaffaCakes118
-
Size
668KB
-
Sample
240611-resqvszenq
-
MD5
9e72fd316e2ce221baec29b388409100
-
SHA1
cc45c22ef5e871f0d63144ecb2e2667474242a72
-
SHA256
fe7bf0ce097e2b279a8c21c30fbce3e753909f7db756e998b044d8370c6cbeca
-
SHA512
43660c6db43f28171b7d94962e5266897c61ec7d1f778027ced1ddf8f8e0e7c1adb4409466b968c1de0a885dc42285656069b74c31b5e8702eece36a14bfd57b
-
SSDEEP
6144:gdiE4zqXVY7PfBHnzA0F3JhJx4eS5JNMTy5fkLaMiLgLWL7SqaaYo5wzPLNQOIeG:gdw7hHnzAe3oe6JZ6zEPaexL62
Malware Config
Extracted
emotet
Epoch1
202.22.141.45:80
37.187.161.206:8080
202.29.239.162:443
80.87.201.221:7080
82.76.111.249:443
216.47.196.104:80
192.241.143.52:8080
192.81.38.31:80
87.106.253.248:8080
64.201.88.132:80
192.241.146.84:8080
12.162.84.2:8080
1.226.84.243:8080
177.129.17.170:443
202.134.4.210:7080
70.169.17.134:80
152.169.22.67:80
5.196.35.138:7080
138.97.60.141:7080
203.205.28.68:80
Targets
-
-
Target
9e72fd316e2ce221baec29b388409100_JaffaCakes118
-
Size
668KB
-
MD5
9e72fd316e2ce221baec29b388409100
-
SHA1
cc45c22ef5e871f0d63144ecb2e2667474242a72
-
SHA256
fe7bf0ce097e2b279a8c21c30fbce3e753909f7db756e998b044d8370c6cbeca
-
SHA512
43660c6db43f28171b7d94962e5266897c61ec7d1f778027ced1ddf8f8e0e7c1adb4409466b968c1de0a885dc42285656069b74c31b5e8702eece36a14bfd57b
-
SSDEEP
6144:gdiE4zqXVY7PfBHnzA0F3JhJx4eS5JNMTy5fkLaMiLgLWL7SqaaYo5wzPLNQOIeG:gdw7hHnzAe3oe6JZ6zEPaexL62
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-