General
-
Target
c0a7744183b9209e75fce6e079b9294d7f0b9c37449a984a735a10e76df4ebad
-
Size
307KB
-
Sample
241120-x7pgsswngn
-
MD5
201b0b7f93c93140432bd44397798cdf
-
SHA1
82b591b4d6dcff28950b8a79f88a7f50229914b5
-
SHA256
c0a7744183b9209e75fce6e079b9294d7f0b9c37449a984a735a10e76df4ebad
-
SHA512
e2538ec3471cc0aa266e84e325d38be675ed653121d6f6eeb80e565adbc90f91f0fcf9ee35c656cae6bc5d2ba306b5022c166dbe4952af73f01ccbf95532fc19
-
SSDEEP
6144:9lC8ceVH8oAv8SRm7DB7DOSjNXsgXMPFVQecjYxZCg1vqeZvveMHXo:9lFin9RwFDbFXMzQjjib5q+vc
Malware Config
Extracted
emotet
Epoch5
5.189.160.61:443
94.177.178.26:8080
202.29.239.162:443
54.38.143.246:7080
119.59.125.140:8080
185.148.168.15:8080
188.166.229.148:443
2.58.16.87:8080
104.131.62.48:8080
103.82.248.59:7080
37.59.209.141:8080
103.133.214.242:8080
195.77.239.39:8080
128.199.192.135:8080
78.47.204.80:443
59.148.253.194:443
87.106.97.83:7080
45.71.195.104:8080
85.214.67.203:8080
139.196.72.155:8080
Targets
-
-
Target
2322f7277c9c0fc817d1979866dfd0040931c53dd9c25660582e92833acb06cf
-
Size
480KB
-
MD5
ab6df82586adb596d7e333ffb079e461
-
SHA1
f9eab7114a75fdecd9f198a8bf32f8b5a5037a08
-
SHA256
2322f7277c9c0fc817d1979866dfd0040931c53dd9c25660582e92833acb06cf
-
SHA512
cad119a493f06560e3954bc53f723e13379deb92fc7a8324051b3ab20c5bcdea35d324d1efc7a997fff0425f237c547dbc362b793f37ab4f520897b155608ed2
-
SSDEEP
6144:XJDdcNtINDR6/qONZyPf71mOFFxFpkHPJM978QHnJPFVkecjYxZCg1vqe3oz:XJDdWtINDccPf71v7zWKpzkjjib5qN
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet family
-
Loads dropped DLL
-
Drops file in System32 directory
-