General

  • Target

    e8f578fa8a9e3301633b0dd2449e0021_JaffaCakes118

  • Size

    632KB

  • Sample

    240918-mz4awawhja

  • MD5

    e8f578fa8a9e3301633b0dd2449e0021

  • SHA1

    72de43caaaa0b1d2c247f0f2d166e9eafcdd6bc5

  • SHA256

    7937578afc9d2b2bbc324c70fd4a47961a7a48aae6716970dfbdde851cfbbf25

  • SHA512

    a4c96843199a7c7a4b6d98ea083ba6634d08e8c6e7114952a54ddaf697288a1d610273883f7e022453d7def30238e6168104b6484913ca45d68a0777b415a0dd

  • SSDEEP

    12288:DCjBePRPHFPikH0+IQmOZJ6+Px7Z3p5LfZ9NJ:FPdikU+IQ1Zt7ZLfZjJ

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2


rsa_pubkey.plain

Targets


    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Emotet payload

      Detects Emotet payload in memory.
