General

  • Target

    d7cc44cef8d4ee27c63cb44b5704d5b9_JaffaCakes118

  • Size

    652KB

  • Sample

    240910-jdhkhasdjm

  • MD5

    d7cc44cef8d4ee27c63cb44b5704d5b9

  • SHA1

    177727c367a4beafa24d933b704ba5f148b74f4f

  • SHA256

    8632d88080885f9c112a6360a03ab3c0b51ed20bda3f2c9bea06e15c0d9399fa

  • SHA512

    098e1abf514fbab9ed016e12192a607832a6a3bb5aae336f5ddd1b73c135f04a1dd2af95d0b7609a05cdb8ec168a821197ef0e4fcad620cfbf064f8db969bc24

  • SSDEEP

    6144:D1kldizdOT/pS0MIt7YRU6f5+StXzXYbnnuCYUvaJqqjbGdIBJxmAM+j9XTTofwX:2plfofXYbjYUvaVaCnM+p4hV4o6L

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

rsa_pubkey.plain

Targets

    • Target

      d7cc44cef8d4ee27c63cb44b5704d5b9_JaffaCakes118

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks
