General
-
Target
16e391d37f130c67d8f6dec477dc89828f42548a2a185a12898d469f7e6bf757
-
Size
418KB
-
Sample
241120-16hveayqen
-
MD5
0937e5822094bc35518ab403909ed12d
-
SHA1
7e7640aae90766144f095d1ebfc85bbaf67d684a
-
SHA256
16e391d37f130c67d8f6dec477dc89828f42548a2a185a12898d469f7e6bf757
-
SHA512
f86737f723b4448c0ca959299f415f3765b64a9ba39edd3d567cef2fde404f86ab7d26f073a9e2e720bbfd22123a1f40eb9f301db914ba56a3203f5aaa222574
-
SSDEEP
12288:zXsObAC+H3bd40FM1OpzFt4t/tltJt004m6E0p:zzMC+HTFM1OpzhnF
Malware Config
Extracted
emotet
Epoch1
78.206.229.130:80
104.131.92.244:8080
70.39.251.94:8080
87.230.25.43:8080
79.118.74.90:80
82.76.111.249:443
82.76.52.155:80
212.71.237.140:8080
188.251.213.180:80
103.236.179.162:80
1.226.84.243:8080
70.32.84.74:8080
2.84.12.98:80
201.213.177.139:80
177.73.0.98:443
170.81.48.2:80
129.232.220.11:8080
177.144.130.105:8080
213.52.74.198:80
120.72.18.91:80
Targets
-
-
Target
16e391d37f130c67d8f6dec477dc89828f42548a2a185a12898d469f7e6bf757
-
Size
418KB
-
MD5
0937e5822094bc35518ab403909ed12d
-
SHA1
7e7640aae90766144f095d1ebfc85bbaf67d684a
-
SHA256
16e391d37f130c67d8f6dec477dc89828f42548a2a185a12898d469f7e6bf757
-
SHA512
f86737f723b4448c0ca959299f415f3765b64a9ba39edd3d567cef2fde404f86ab7d26f073a9e2e720bbfd22123a1f40eb9f301db914ba56a3203f5aaa222574
-
SSDEEP
12288:zXsObAC+H3bd40FM1OpzFt4t/tltJt004m6E0p:zzMC+HTFM1OpzhnF
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet family
-
Emotet payload
Detects Emotet payload in memory.
-