General
-
Target
a35cdd0f55c3c00064c105f83c91c100_JaffaCakes118
-
Size
667KB
-
Sample
240613-bvxfzssgnl
-
MD5
a35cdd0f55c3c00064c105f83c91c100
-
SHA1
64d0d2ccceaa804fdf190e8a9346548c4a7a5d18
-
SHA256
51ef8528509b43caee997d6f19e267ba64658994853558b088317ec94a5e7e75
-
SHA512
99f7fb215f85102645f5881f5cb311a40e7474cdb53cbd91588d1903fdfcea79ec6956990170b89a755c94d08ca52e3611da54f839df706076fad70a9e4618fc
-
SSDEEP
12288:6+JJG//twCZ1CFy6jpcFnRO6QuiCDuBMoCyazA:6+J6/twC1N6jiVk6Quix4q
Malware Config
Extracted
emotet
Epoch2
104.193.103.61:80
104.131.123.136:443
5.196.108.189:8080
121.124.124.40:7080
87.106.139.101:8080
213.196.135.145:80
50.35.17.13:80
38.18.235.242:80
24.43.32.186:80
82.80.155.43:80
103.86.49.11:8080
113.61.66.94:80
24.137.76.62:80
187.49.206.134:80
42.200.107.142:80
24.179.13.119:80
93.147.212.206:80
108.46.29.236:80
105.186.233.33:80
37.139.21.175:8080
Targets
-
-
Target
a35cdd0f55c3c00064c105f83c91c100_JaffaCakes118
-
Size
667KB
-
MD5
a35cdd0f55c3c00064c105f83c91c100
-
SHA1
64d0d2ccceaa804fdf190e8a9346548c4a7a5d18
-
SHA256
51ef8528509b43caee997d6f19e267ba64658994853558b088317ec94a5e7e75
-
SHA512
99f7fb215f85102645f5881f5cb311a40e7474cdb53cbd91588d1903fdfcea79ec6956990170b89a755c94d08ca52e3611da54f839df706076fad70a9e4618fc
-
SSDEEP
12288:6+JJG//twCZ1CFy6jpcFnRO6QuiCDuBMoCyazA:6+J6/twC1N6jiVk6Quix4q
Score10/10-
Emotet
Emotet is a trojan that is primarily spread through spam emails.
-
Emotet payload
Detects Emotet payload in memory.
-