emotet | b9c7d471ba8f1ebabe835982ca79cad248f43214be81bb4db3709b88cd1f80f6

General

Target

b9c7d471ba8f1ebabe835982ca79cad248f43214be81bb4db3709b88cd1f80f6
Size

70KB
MD5

5456e6445d95334f5124c1a086a189af
SHA1

cd74c58e422ca15bb6beb2525bb0379e0d168509
SHA256

b9c7d471ba8f1ebabe835982ca79cad248f43214be81bb4db3709b88cd1f80f6
SHA512

72db6f95d8704e2a0721b3a8d043681e00072de7caecebdc325cc249376b0ff17f66257497e72d4af9d76508d43a6a46d75cb34eb6876fba56b991f05c72f286

Score

10^/10

epoch2 emotet

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

186.4.172.5:443

117.197.124.36:443

37.208.39.59:7080

186.4.172.5:8080

182.176.106.43:995

178.62.37.188:443

92.51.129.249:4143

92.222.125.16:7080

142.44.162.209:8080

31.12.67.62:7080

46.105.131.87:80

92.222.216.44:8080

87.106.136.232:8080

103.97.95.218:143

190.145.67.134:8090

104.236.246.93:8080

88.156.97.210:80

175.100.138.82:22

78.24.219.147:8080

91.205.215.66:8080

rsa_pubkey.plain

Signatures

Emotet family
emotet

Files

b9c7d471ba8f1ebabe835982ca79cad248f43214be81bb4db3709b88cd1f80f6
.exe windows x86

009889c73bd2e55113bf6dfa5f395e0d

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsProcessorFeaturePresent

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

009889c73bd2e55113bf6dfa5f395e0d

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 19KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 19KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 1KB - Virtual size: 1KB