Overview
overview
10Static
static
82023-03-17...es.zip
windows10-1703-x64
101-attachm...33.zip
windows10-1703-x64
1A 2618033.doc
windows10-1703-x64
1001-attachm...08.one
windows10-1703-x64
101-attachm...08.zip
windows10-1703-x64
102-embedde...ut1.js
windows10-1703-x64
803-downloa...Fj.zip
windows10-1703-x64
103-downloa...jc.zip
windows10-1703-x64
103-downloa...cA.zip
windows10-1703-x64
103-downloa...vb.zip
windows10-1703-x64
1Analysis
-
max time kernel
384s -
max time network
447s -
platform
windows10-1703_x64 -
resource
win10-20230220-en -
resource tags
arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system -
submitted
27-03-2023 07:44
Behavioral task
behavioral1
Sample
2023-03-17-Emotet-malware-samples.zip
Resource
win10-20230220-en
Behavioral task
behavioral2
Sample
01-attachments-3-examples/A 2618033.zip
Resource
win10-20230220-en
Behavioral task
behavioral3
Sample
A 2618033.doc
Resource
win10-20230220-en
Behavioral task
behavioral4
Sample
01-attachments-3-examples/Message 167168370508.one
Resource
win10-20230220-en
Behavioral task
behavioral5
Sample
01-attachments-3-examples/Untitled_608.zip
Resource
win10-20230220-en
Behavioral task
behavioral6
Sample
02-embedded-JS-file-from-OneNote-doc/output1.js
Resource
win10-20230220-en
Behavioral task
behavioral7
Sample
03-downloaded-zips-with-inflated-Emote-DLLs-4-examples/6AfEa8G0W8NOtUh7hqFj.zip
Resource
win10-20230220-en
Behavioral task
behavioral8
Sample
03-downloaded-zips-with-inflated-Emote-DLLs-4-examples/Ac8wwulKxqZjc.zip
Resource
win10-20230220-en
Behavioral task
behavioral9
Sample
03-downloaded-zips-with-inflated-Emote-DLLs-4-examples/O1uPzXd2YscA.zip
Resource
win10-20230220-en
Behavioral task
behavioral10
Sample
03-downloaded-zips-with-inflated-Emote-DLLs-4-examples/TKK8yKdEvyYAbBE5avb.zip
Resource
win10-20230220-en
General
-
Target
02-embedded-JS-file-from-OneNote-doc/output1.js
-
Size
124KB
-
MD5
9e346695bbc4291bc769f98be9e6a5e9
-
SHA1
3396a0f6e6270e798fadae572d1a914ebbbcd944
-
SHA256
f25f69c71066b18364cd405ae80048a8b615c4b0f2cc4cb51b916ef08ba246db
-
SHA512
60f9fe65730a3341d6147669b8dde56f0055b7e05f8150de4a3f316d8eeab22c5094dc70e252bd6667189fa28649a404a51deb8e92e4044d4a9d196bba1921cf
-
SSDEEP
1536:ytFYr16AwN5dh/CFK1rUBp2jH3p3mXjSVjPejWuSeZ7kZocYEpa4G2LJ0H/E+lua:QFYrQAwNLhbrUzJr9EQB1x3W9GHV
Malware Config
Signatures
-
Blocklisted process makes network request 12 IoCs
Processes:
wscript.exeflow pid process 2 1064 wscript.exe 5 1064 wscript.exe 8 1064 wscript.exe 10 1064 wscript.exe 12 1064 wscript.exe 14 1064 wscript.exe 16 1064 wscript.exe 22 1064 wscript.exe 23 1064 wscript.exe 27 1064 wscript.exe 30 1064 wscript.exe 32 1064 wscript.exe