emotet | c207ddc90fdf99e259c62845cb06c5bd91dfcb2d1360c05208c66f631a1e7460

General

Target

c207ddc90fdf99e259c62845cb06c5bd91dfcb2d1360c05208c66f631a1e7460
Size

208KB
MD5

eb860cf03b3e1bbd41615fa45d5f0d60
SHA1

39455c77c164081f996c7d935ffedefbf87f6006
SHA256

c207ddc90fdf99e259c62845cb06c5bd91dfcb2d1360c05208c66f631a1e7460
SHA512

2851a03d9dc5473e80e3b532b4e61a5e6b5babeb7cc9548cd90924024eb1f5702df05bc6df0352a164b7cb41a8b3dda89a1fd9e9532b1d7c2dab3b00fadda0f7
SSDEEP

3072:+dlSbyE0Mxj9H8oyoxQEykJkVoxbf9gXbX0d7qFiPrtW:+dlOyBAj+gQEykWyxbGXYd7siP5W

Score

10^/10

emotet

Malware Config

Extracted

Family

emotet

C2

165.22.61.235:443

121.78.112.42:8080

216.10.251.121:8080

195.77.239.39:8080

195.154.146.35:443

68.183.93.250:443

139.196.72.155:8080

194.9.172.107:8080

196.44.98.190:8080

128.199.192.135:8080

5.56.132.177:8080

78.46.73.125:443

87.106.97.83:7080

66.42.57.149:443

37.44.244.177:8080

190.90.233.66:443

203.153.216.46:443

207.148.81.119:8080

103.41.204.169:8080

104.131.62.48:8080

Signatures

Emotet family
emotet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
c207ddc90fdf99e259c62845cb06c5bd91dfcb2d1360c05208c66f631a1e7460

Files

c207ddc90fdf99e259c62845cb06c5bd91dfcb2d1360c05208c66f631a1e7460
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 135KB - Virtual size: 30.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 30.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 30.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 30.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 30.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 135KB - Virtual size: 30.1MB

.rdata Size: 512B - Virtual size: 30.2MB

.data Size: 1024B - Virtual size: 30.2MB

.reloc Size: 1024B - Virtual size: 30.2MB

.rsrc Size: 48KB - Virtual size: 30.2MB

.text
Size: 135KB - Virtual size: 30.1MB

.rdata
Size: 512B - Virtual size: 30.2MB

.data
Size: 1024B - Virtual size: 30.2MB

.reloc
Size: 1024B - Virtual size: 30.2MB

.rsrc
Size: 48KB - Virtual size: 30.2MB