General
-
Target
e667bbb4f35c8e3d1ed6024d7ef6ae79_JaffaCakes118
-
Size
624KB
-
Sample
240917-j6nbfstamj
-
MD5
e667bbb4f35c8e3d1ed6024d7ef6ae79
-
SHA1
5636390a8f3d81c8671f571398ad9ea70c9f85ea
-
SHA256
e7803bb4144b1b6d7bc76fac97ef39572841abfae8b051914aab4f2acb3f2bed
-
SHA512
1104a35970589aaddc43ba297f0785b42f670c4935ca47fb59fccd0b23e744c05cce4e8909f5c7431ab572026b462ea4a3b04f5e0e910d0c481e947d3ac3007e
-
SSDEEP
6144:hzTCYruA1ohrPv8FG0+DVg5w83gSkdwPU0YnG3Fx+GaJ5674pIbVg73zf7ewvNwm:hzBCAnFfG83qEU0YGTcJ47Fmreu+D
Malware Config
Extracted
emotet
Epoch2
24.196.49.98:80
93.147.141.5:443
72.189.57.105:80
91.250.96.22:8080
37.187.72.193:8080
104.131.44.150:8080
167.71.10.37:8080
27.109.153.201:8090
105.247.123.133:8080
190.12.119.180:443
120.151.135.224:80
221.165.123.72:80
103.86.49.11:8080
178.237.139.83:8080
5.32.55.214:80
95.213.236.64:8080
189.203.177.41:443
78.24.219.147:8080
190.117.226.104:80
73.11.153.178:8080
Targets
-
-
Target
e667bbb4f35c8e3d1ed6024d7ef6ae79_JaffaCakes118
-
Size
624KB
-
MD5
e667bbb4f35c8e3d1ed6024d7ef6ae79
-
SHA1
5636390a8f3d81c8671f571398ad9ea70c9f85ea
-
SHA256
e7803bb4144b1b6d7bc76fac97ef39572841abfae8b051914aab4f2acb3f2bed
-
SHA512
1104a35970589aaddc43ba297f0785b42f670c4935ca47fb59fccd0b23e744c05cce4e8909f5c7431ab572026b462ea4a3b04f5e0e910d0c481e947d3ac3007e
-
SSDEEP
6144:hzTCYruA1ohrPv8FG0+DVg5w83gSkdwPU0YnG3Fx+GaJ5674pIbVg73zf7ewvNwm:hzBCAnFfG83qEU0YGTcJ47Fmreu+D
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Drops file in System32 directory
-