General

  • Target

    e3f639051f9d7e411beb30d09a94adb4_JaffaCakes118

  • Size

    272KB

  • Sample

    240916-eaqdqaxejg

  • MD5

    e3f639051f9d7e411beb30d09a94adb4

  • SHA1

    a9bc5020bb8c777709b278c36e3d7eb5eb21b9e5

  • SHA256

    11f2c5474cae37d434a8c66e8c7fef6430cdac153501aa654a1aa496d61f090b

  • SHA512

    f7f25d3582a001edffdb4b0379b85e66e684db7e35f826639ee4d6cd4987a2828c5f6d9328952402ed2fa9807446712759b1e0a51b8bf28428c340ffa2d22cef

  • SSDEEP

    6144:kf00dcXhVqo9bdXltxg+iPHR27xVaXqg6QWnGD:kJS9BXh6qkXq/E

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2


rsa_pubkey.plain

Targets

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Emotet payload

      Detects Emotet payload in memory.

MITRE ATT&CK Enterprise v15

Tasks
