General

  • Target

    f503a713e16012c3cf0bc3585b5033b0_JaffaCakes118

  • Size

    160KB

  • Sample

    240925-ddewqatfpc

  • MD5

    f503a713e16012c3cf0bc3585b5033b0

  • SHA1

    a404b194a46fa173b8f346239ea2e371267e4fa3

  • SHA256

    d7691b2b6db0987800b9f4a10b4d9329fd24ca35a926d56bfb25735a0e3c1e2c

  • SHA512

    da8e8fe8a4a812157f4b95dc40c1632899011334a41339b20ea14efc02ca5df5cc903287c76ea1f6b4724d696c6c970d22346f9dd096c237bb38e655f19e018d

  • SSDEEP

    3072:FDZrsQPjgM9m5t6mdqQnhoDObxOWSMRDZ8N/JdC:3QMjgnBy4m

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2


rsa_pubkey.plain

Targets

    • Target

      f503a713e16012c3cf0bc3585b5033b0_JaffaCakes118

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Emotet payload

      Detects Emotet payload in memory.

MITRE ATT&CK Enterprise v15

Tasks
