General
-
Target
37a3c510bf94138e9cc983c691fdfaf22a8de1bbac3cf718a7e522649cdf88fb
-
Size
316KB
-
Sample
220625-2k4enaghc2
-
MD5
40a96c42e50077f03f9873a696427b0c
-
SHA1
5932ee55845edbeb10c7bc612b88eb2f1c7316cd
-
SHA256
37a3c510bf94138e9cc983c691fdfaf22a8de1bbac3cf718a7e522649cdf88fb
-
SHA512
45883c375d9384a99065db8e33778647e31ca7c16baee5f46ef859baf21954b72b7e100ef96adaf3e581cff8a60ee0d91ebe98b364ef9ad7eb3bf0d6efc64b84
Malware Config
Targets
-
-
Target
37a3c510bf94138e9cc983c691fdfaf22a8de1bbac3cf718a7e522649cdf88fb
-
Size
316KB
-
MD5
40a96c42e50077f03f9873a696427b0c
-
SHA1
5932ee55845edbeb10c7bc612b88eb2f1c7316cd
-
SHA256
37a3c510bf94138e9cc983c691fdfaf22a8de1bbac3cf718a7e522649cdf88fb
-
SHA512
45883c375d9384a99065db8e33778647e31ca7c16baee5f46ef859baf21954b72b7e100ef96adaf3e581cff8a60ee0d91ebe98b364ef9ad7eb3bf0d6efc64b84
Score10/10-
Modifies WinLogon for persistence
-
suricata: ET MALWARE Possible Emotet DGA NXDOMAIN Responses
suricata: ET MALWARE Possible Emotet DGA NXDOMAIN Responses
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Modifies WinLogon
-
Suspicious use of SetThreadContext
-