General
Target: fa5c79321dd4cc2fea795d6ebe2e823abe33ca6f
Size: 477KB
Sample: 230201-fwy4esdh3t
MD5: f1ab1fa6d2b93ae55b448b96733ff195
SHA1: fa5c79321dd4cc2fea795d6ebe2e823abe33ca6f
SHA256: 045c4ab485bd45781234451af0eae62f23abceae375d5434cff37c3e5620f872
SHA512: 06f5ebb1d2f1079bec579856cd676d256758961dabedc9851836ff22b6442c0efd9ec818b95715b8ee706e126df63322fd7e3ebe679e46bd91e49abb8caf5bd4
SSDEEP: 12288:Ur1hcmamspxYUL24xYkPuPN1A27pNMTWdQpDx82540:IDdyxYUmA277MKwDlf
Static task: static1
Behavioral task: behavioral1
Sample: fa5c79321dd4cc2fea795d6ebe2e823abe33ca6f.exe
Resource: win7-20221111-en
Malware Config
Extracted
emotet
Epoch1
Targets
Target
fa5c79321dd4cc2fea795d6ebe2e823abe33ca6f
Drops file in System32 directory
Suspicious use of SetThreadContext