emotet | 2eef2f88dc510ccfb6b90011eb308b90819efffc3bfa0c91a06d77d22d5386ac

General

Target

2eef2f88dc510ccfb6b90011eb308b90819efffc3bfa0c91a06d77d22d5386ac
Size

60KB
MD5

4f2b2f25dfdf2822a3d891a276069ff1
SHA1

411de06d6253b75c17a9c47b9c44650f5187d6a3
SHA256

2eef2f88dc510ccfb6b90011eb308b90819efffc3bfa0c91a06d77d22d5386ac
SHA512

68e29d6e080b3c5e241deb4023da3268073f1183c75edd954966227bff0d282a700553abac27e4109c62157e36b7d60520d67268d80ecea71854848f8228abc1
SSDEEP

1536:DgbuFIFss+C4Tkvfo7kscvVKIWkjQz7yV/SAac:MlFsG4TkHtv+z7w

Score

10^/10

epoch2 emotet

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

108.6.140.26:80

70.184.9.39:8080

222.144.13.169:80

45.55.65.123:8080

217.160.19.232:8080

176.9.43.37:8080

5.199.130.105:7080

202.175.121.202:8090

91.205.215.66:443

120.150.246.241:80

74.130.83.133:80

105.247.123.133:8080

190.12.119.180:443

37.187.72.193:8080

190.146.205.227:8080

200.21.90.5:443

206.189.112.148:8080

92.222.216.44:8080

24.94.237.248:80

2.237.76.249:80

rsa_pubkey.plain

Signatures

Emotet family
emotet

Files

2eef2f88dc510ccfb6b90011eb308b90819efffc3bfa0c91a06d77d22d5386ac
.exe windows x86

009889c73bd2e55113bf6dfa5f395e0d

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsProcessorFeaturePresent

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

009889c73bd2e55113bf6dfa5f395e0d

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 15KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 1024B - Virtual size: 1016B

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 15KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 1024B - Virtual size: 1016B