General
-
Target
017cd7cbc5097448eff0159abba17a45a5d27b0a23758dc4870b396b1564c1d8
-
Size
285KB
-
Sample
241121-a9vp9sxlaw
-
MD5
3543a5be23a16e13d299eb303008d3fe
-
SHA1
0b05cef47f0e8098e5921f045257d2a1e2432e68
-
SHA256
017cd7cbc5097448eff0159abba17a45a5d27b0a23758dc4870b396b1564c1d8
-
SHA512
0ad96526148994d4e719eee6098c2e4db0cde7cbf43e1bf0d3532d99dcbfb622f366bbb5aee50ad287da680e32232e076269a356cf59f714629dffc19bad50ac
-
SSDEEP
6144:OLJmEHQoaG8sQxMG4fx/jz6NPL7/GkqbscgCG5YqfmN:A5wZQQCHf1z6Nv/GkUGCqmN
Malware Config
Extracted
emotet
Epoch5
80.211.107.116:8080
188.166.229.148:443
121.78.112.42:8080
185.148.168.15:8080
210.57.209.142:8080
194.9.172.107:8080
139.196.72.155:8080
128.199.192.135:8080
62.171.178.147:8080
103.133.214.242:8080
104.131.62.48:8080
103.41.204.169:8080
54.37.106.167:8080
217.182.143.207:443
185.148.168.220:8080
202.134.4.210:7080
198.199.98.78:8080
5.56.132.177:8080
66.42.57.149:443
78.46.73.125:443
Targets
-
-
Target
f9aea9c057d8646dbb9ec35724e63dc88ba7863b97249a0289961cfd0f02e374
-
Size
494KB
-
MD5
bf939aeef3ab61983ce70fa91963959d
-
SHA1
a15db0880530e4af1389fea6c0863657e109a94c
-
SHA256
f9aea9c057d8646dbb9ec35724e63dc88ba7863b97249a0289961cfd0f02e374
-
SHA512
fded1ac102e09985f28ce4ca6bb34806c35f5c1f008423a3626e53f0e21231ca481cf34137870f05ac8ccfb0260443f0a012f80f91c31a07263f9a07b240a1c3
-
SSDEEP
6144:VikzyaB9eoCyx/mEhHB5RYSJ/xO+qiCjzQNPj79GkqbscgCG5qH6scI:VNnCGmyHB5SSJph0zQN39GkUGQSI
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet family
-
Loads dropped DLL
-
Drops file in System32 directory
-