General
-
Target
cacfe13dc15875d05bf7d95a63c5dcb7_JaffaCakes118
-
Size
112KB
-
Sample
240830-pdndmstbph
-
MD5
cacfe13dc15875d05bf7d95a63c5dcb7
-
SHA1
40f167d6ebda5671d78b833392e6b31f94ab0bd5
-
SHA256
c0584709704cc6aed40df78e45202e2f2649eec01c7c882b80e73bf097d4dbee
-
SHA512
d790c5b6d546a1d7788ff3be4a1e627a0b9fe09c83dad37c897db1d298d252676eb279920535724c33d08b0a09803c6049819e007f924a8d3e218b3cef6d2f88
-
SSDEEP
1536:zIyJFo4OTP8JQUtGvH7G5TJIyeyz29rc+ZqRNqiwm7EZ:5J24tJQUtG/S5narc+ZaqiDS
Malware Config
Extracted
emotet
Epoch2
71.72.196.159:80
134.209.36.254:8080
120.138.30.150:8080
94.23.216.33:80
157.245.99.39:8080
137.59.187.107:8080
94.23.237.171:443
61.19.246.238:443
156.155.166.221:80
50.35.17.13:80
153.137.36.142:80
91.211.88.52:7080
209.141.54.221:8080
185.94.252.104:443
174.45.13.118:80
87.106.136.232:8080
62.75.141.82:80
213.196.135.145:80
188.219.31.12:80
82.80.155.43:80
Targets
-
-
Target
cacfe13dc15875d05bf7d95a63c5dcb7_JaffaCakes118
-
Size
112KB
-
MD5
cacfe13dc15875d05bf7d95a63c5dcb7
-
SHA1
40f167d6ebda5671d78b833392e6b31f94ab0bd5
-
SHA256
c0584709704cc6aed40df78e45202e2f2649eec01c7c882b80e73bf097d4dbee
-
SHA512
d790c5b6d546a1d7788ff3be4a1e627a0b9fe09c83dad37c897db1d298d252676eb279920535724c33d08b0a09803c6049819e007f924a8d3e218b3cef6d2f88
-
SSDEEP
1536:zIyJFo4OTP8JQUtGvH7G5TJIyeyz29rc+ZqRNqiwm7EZ:5J24tJQUtG/S5narc+ZaqiDS
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-