General
-
Target
8d4da2f0035615577171285080509cdb44b0dfcdbca70d98321f3c30006c6097
-
Size
266KB
-
Sample
241120-1v1abavekm
-
MD5
67439e0bf1651038e07f616c5e231da0
-
SHA1
ffe73eb39917f30e671ac4b146c67612a8dd1b0a
-
SHA256
8d4da2f0035615577171285080509cdb44b0dfcdbca70d98321f3c30006c6097
-
SHA512
5ae50c3a87dce0bd1890a5a7df9be7f1aa1193b7ba30fbc7dfb91a10e0bf972be1d6ec964b20902300d02c6170eeb6401347b129248aa9ece128b352e817aefa
-
SSDEEP
6144:HknN2QU6/ptQNvWu1FB8xS4Gg/mFCoZQk4qbq5shU/:ENZLhqiS49CCoZQkHq5sho
Malware Config
Extracted
emotet
Epoch5
186.250.48.5:80
168.119.39.118:443
185.168.130.138:443
190.90.233.66:443
159.69.237.188:443
54.37.228.122:443
93.104.209.107:8080
185.148.168.15:8080
198.199.98.78:8080
87.106.97.83:7080
195.77.239.39:8080
37.44.244.177:8080
54.38.242.185:443
185.184.25.78:8080
116.124.128.206:8080
139.196.72.155:8080
128.199.192.135:8080
103.41.204.169:8080
78.47.204.80:443
68.183.93.250:443
Targets
-
-
Target
81069c0541127cd913b4a3551b6a8b772cb742f4d557426cdfcff24dfbfba901
-
Size
412KB
-
MD5
e71e4482c9034ad0071e78de3cd99258
-
SHA1
dae85fbcdfc8fd6d9d34cb3e1bdad714b16157b5
-
SHA256
81069c0541127cd913b4a3551b6a8b772cb742f4d557426cdfcff24dfbfba901
-
SHA512
8d835333d9088771ad22169759f0e786c9a3ae188b993ede951cb3eb60ed830d3407706b7075f2f62eda7eaa222150454c3ac292a90fe95027e5a7957a34ea8d
-
SSDEEP
6144:aH0RW81UplEIb6hRAOf6DXyhCra81CtS08OB8xS4GE/mFCo3QkgqbqAT:tFpMOfeihCraKuiS4zCCo3QkvqA
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet family
-
Loads dropped DLL
-
Drops file in System32 directory
-