General
-
Target
2024-11-21_5a51fa645bb0b1a23da1f1655de5140a_icedid
-
Size
248KB
-
Sample
241121-ejp5bayajd
-
MD5
5a51fa645bb0b1a23da1f1655de5140a
-
SHA1
fe43b1c000963c19bcfc88fcacb4e36e87211db4
-
SHA256
043d1728d13e158eaeff490936c0157db7d39a2bc40ffa151b3c15ca22c0fa90
-
SHA512
6258c5b304625d7602638b42fa0838ab0b0564857f9205100e81123a2952762a39d93312608ba9c30075c852d699e15933fbd9b5cdc81e1f878e567854bef5fe
-
SSDEEP
3072:B4pkArp0yocpcIDt+9bADzccj51VvsOQT/RaQr7d9lcPpOiGGaaDVU1RIMvP51D:B4pdrp0UPDtxUkVGpaQmpOZOq1RZvP
Malware Config
Extracted
emotet
Epoch2
68.44.137.144:443
69.30.203.214:8080
67.205.85.243:8080
79.98.24.39:8080
5.196.74.210:8080
188.83.220.2:443
109.116.214.124:443
203.117.253.142:80
104.131.11.150:443
97.82.79.83:80
121.124.124.40:7080
83.169.36.251:8080
89.186.91.200:443
70.167.215.250:8080
204.197.146.48:80
167.86.90.214:8080
190.160.53.126:80
95.213.236.64:8080
47.144.21.12:443
169.239.182.217:8080
Targets
-
-
Target
2024-11-21_5a51fa645bb0b1a23da1f1655de5140a_icedid
-
Size
248KB
-
MD5
5a51fa645bb0b1a23da1f1655de5140a
-
SHA1
fe43b1c000963c19bcfc88fcacb4e36e87211db4
-
SHA256
043d1728d13e158eaeff490936c0157db7d39a2bc40ffa151b3c15ca22c0fa90
-
SHA512
6258c5b304625d7602638b42fa0838ab0b0564857f9205100e81123a2952762a39d93312608ba9c30075c852d699e15933fbd9b5cdc81e1f878e567854bef5fe
-
SSDEEP
3072:B4pkArp0yocpcIDt+9bADzccj51VvsOQT/RaQr7d9lcPpOiGGaaDVU1RIMvP51D:B4pdrp0UPDtxUkVGpaQmpOZOq1RZvP
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet family
-
Emotet payload
Detects Emotet payload in memory.
-