emotet | Emotet_6[.]exe

General

Target

Emotet_6.exe
Size

38KB
MD5

853395692a53ec7cb48261ac0eae42df
SHA1

dbd1d357e1ce3cb2a6b3193bbf9ccf15e726ecd0
SHA256

dc2e487082bef771981e65f3aee8d51970fae7b4a9b5a0e8927fb77154d048cc
SHA512

014e8d5db6d2b099bb7b17b058b1d1c9ead82b80deb5a19f6d83043582c2db2b473bdf74c284c3adeea38d3f2260df2101a659aca0b11fdb49d2d9f6b6b292d0
SSDEEP

768:xOlmOX8lq/NvSgF7SSdpa5niju+cf9PauaVmavh9:xsmOXkq/1B7TjuauZlPRFW

Score

10^/10

epoch2 emotet

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

71.126.247.90:80

98.239.119.52:80

80.86.91.91:8080

104.236.28.47:8080

47.155.214.239:443

180.92.239.110:8080

87.106.136.232:8080

76.104.80.47:80

173.16.62.227:80

92.222.216.44:8080

47.153.183.211:80

74.130.83.133:80

47.156.70.145:80

110.36.217.66:8080

160.16.215.66:8080

200.116.145.225:443

181.13.24.82:80

24.94.237.248:80

5.32.55.214:80

31.172.240.91:8080

rsa_pubkey.plain

Signatures

Emotet family
emotet

Files

Emotet_6.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 3KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 312B

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 312B