General
-
Target
a1eb29f9b258a8c72949f25c6b0be7a0_JaffaCakes118
-
Size
908KB
-
Sample
240817-ktzpdsxdjh
-
MD5
a1eb29f9b258a8c72949f25c6b0be7a0
-
SHA1
b122b48af8006b00b608b83a4ae2bf53ee8879a3
-
SHA256
8dd3b0ef27c30ccccd5e7f248761d6045f5a6dc78dbc26b4cef8e669d2f50f01
-
SHA512
0ad35cac1a463b8b2cead804eb8b89da912df1d1e5a7d8f695c95468d9e74be5ac0bf026e97f20b704c0bf39c8a84c0ea873b4add02c2a7f6b2e8a1a3bdaf69e
-
SSDEEP
12288:0/J+NC0xu2rPcHKeNmcZvF/SZGYzZ5Q/vL:2J8R6mcVF/mGY43
Malware Config
Extracted
emotet
Epoch2
47.146.117.214:80
62.108.54.22:8080
212.51.142.238:8080
190.160.53.126:80
87.106.136.232:8080
74.208.45.104:8080
121.124.124.40:7080
124.45.106.173:443
76.27.179.47:80
210.165.156.91:80
61.19.246.238:443
81.2.235.111:8080
169.239.182.217:8080
181.230.116.163:80
139.130.242.43:80
46.105.131.87:80
139.59.60.244:8080
222.214.218.37:4143
41.60.200.34:80
200.55.243.138:8080
Targets
-
-
Target
a1eb29f9b258a8c72949f25c6b0be7a0_JaffaCakes118
-
Size
908KB
-
MD5
a1eb29f9b258a8c72949f25c6b0be7a0
-
SHA1
b122b48af8006b00b608b83a4ae2bf53ee8879a3
-
SHA256
8dd3b0ef27c30ccccd5e7f248761d6045f5a6dc78dbc26b4cef8e669d2f50f01
-
SHA512
0ad35cac1a463b8b2cead804eb8b89da912df1d1e5a7d8f695c95468d9e74be5ac0bf026e97f20b704c0bf39c8a84c0ea873b4add02c2a7f6b2e8a1a3bdaf69e
-
SSDEEP
12288:0/J+NC0xu2rPcHKeNmcZvF/SZGYzZ5Q/vL:2J8R6mcVF/mGY43
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-