General

  • Target

    e672115caf064b177c4c39543e54456b_JaffaCakes118

  • Size

    264KB

  • Sample

    240917-klnxxsthjk

  • MD5

    e672115caf064b177c4c39543e54456b

  • SHA1

    d807a8c48ce039574be49cb4cf386b422aa97c2a

  • SHA256

    7fa615c5fc339f2b0f7c8497e4a0add1bffd48b8dba76e63988026dbe2a90753

  • SHA512

    3fec1bcb8447e58ad1e6b9e4e6585dce37ae86c3e0facca54443759ccb1e4519185d5e506c78da91abba050c5c673c1a75b50bd1add21d4eb9bd22be8828077c

  • SSDEEP

    6144:f2xkWPsIvPXpNR5iBUa9TyXpuX9yujJQRWcp3:f2qW0IvP5NiW2y7AJhcp

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2


rsa_pubkey.plain

Targets

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Emotet payload

      Detects Emotet payload in memory.
