General

  • Target

    f73e07d647214f434876bdc2916e7f4e_JaffaCakes118

  • Size

    160KB

  • Sample

    240926-bnp4bsydkn

  • MD5

    f73e07d647214f434876bdc2916e7f4e

  • SHA1

    9830b5bfc7b585b4e4818f06cd179bc3e6a39913

  • SHA256

    b877d0bcf9443bc74f24533c0c9bae7a251e71cba997404f363ba3978784a694

  • SHA512

    35b1a970ddd3b9d576f61932950504f35d2e84fffccd9252ba1fe59abaf56b458eb0bf4c75ea4eb1ab25340bb686eb543d62b89717e8487eea4e368f9ede77e9

  • SSDEEP

    3072:Gj5bi4jgM9Fl5NQaeJwGEr8UbPchbdyC:yBjgCFRe2xgI0hb

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2


rsa_pubkey.plain

Targets

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Emotet payload

      Detects Emotet payload in memory.
