General
-
Target
e672115caf064b177c4c39543e54456b_JaffaCakes118
-
Size
264KB
-
Sample
240917-klnxxsthjk
-
MD5
e672115caf064b177c4c39543e54456b
-
SHA1
d807a8c48ce039574be49cb4cf386b422aa97c2a
-
SHA256
7fa615c5fc339f2b0f7c8497e4a0add1bffd48b8dba76e63988026dbe2a90753
-
SHA512
3fec1bcb8447e58ad1e6b9e4e6585dce37ae86c3e0facca54443759ccb1e4519185d5e506c78da91abba050c5c673c1a75b50bd1add21d4eb9bd22be8828077c
-
SSDEEP
6144:f2xkWPsIvPXpNR5iBUa9TyXpuX9yujJQRWcp3:f2qW0IvP5NiW2y7AJhcp
Malware Config
Extracted
emotet
Epoch1
174.113.69.136:80
51.38.124.206:80
82.196.15.205:8080
38.88.126.202:8080
190.115.18.139:8080
98.13.75.196:80
181.30.61.163:443
82.76.111.249:443
181.129.96.162:8080
74.58.215.226:80
68.69.155.181:80
188.135.15.49:80
190.163.31.26:80
50.121.220.50:80
51.159.23.217:443
2.47.112.152:80
185.215.227.107:443
217.13.106.14:8080
70.32.115.157:8080
170.81.48.2:80
Targets
-
-
Target
e672115caf064b177c4c39543e54456b_JaffaCakes118
-
Size
264KB
-
MD5
e672115caf064b177c4c39543e54456b
-
SHA1
d807a8c48ce039574be49cb4cf386b422aa97c2a
-
SHA256
7fa615c5fc339f2b0f7c8497e4a0add1bffd48b8dba76e63988026dbe2a90753
-
SHA512
3fec1bcb8447e58ad1e6b9e4e6585dce37ae86c3e0facca54443759ccb1e4519185d5e506c78da91abba050c5c673c1a75b50bd1add21d4eb9bd22be8828077c
-
SSDEEP
6144:f2xkWPsIvPXpNR5iBUa9TyXpuX9yujJQRWcp3:f2qW0IvP5NiW2y7AJhcp
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-