emotet | 5af6f7300041dc55b3f8ef26f41c993898b20fedc57d751a3a7f9482293faa9a

General

Target

5af6f7300041dc55b3f8ef26f41c993898b20fedc57d751a3a7f9482293faa9a
Size

304KB
MD5

96758bd360acafd9077db3ec985ab317
SHA1

456450d72fdbec334084387998b0ec62b59aed5d
SHA256

5af6f7300041dc55b3f8ef26f41c993898b20fedc57d751a3a7f9482293faa9a
SHA512

71d3a8b0225c8d2e740715a1a00dc2e51d89bcdf5de13e3f5ba723113f2b31ad49931e455b163aa77d6b5529f572b473ccab673760f8037ada37dca6909b6930
SSDEEP

6144:avhOUFArKMCcIQYU5bkVidtliP5WpiP5WpiP5W:mHhMtTYU5bD94G4G4

Score

10^/10

emotet

Malware Config

Extracted

Family

emotet

C2

165.22.61.235:443

121.78.112.42:8080

216.10.251.121:8080

195.77.239.39:8080

195.154.146.35:443

68.183.93.250:443

139.196.72.155:8080

194.9.172.107:8080

196.44.98.190:8080

128.199.192.135:8080

5.56.132.177:8080

78.46.73.125:443

87.106.97.83:7080

66.42.57.149:443

37.44.244.177:8080

190.90.233.66:443

203.153.216.46:443

207.148.81.119:8080

103.41.204.169:8080

104.131.62.48:8080

Signatures

Emotet family
emotet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5af6f7300041dc55b3f8ef26f41c993898b20fedc57d751a3a7f9482293faa9a

Files

5af6f7300041dc55b3f8ef26f41c993898b20fedc57d751a3a7f9482293faa9a
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 135KB - Virtual size: 30.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 30.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 30.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 30.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 144KB - Virtual size: 30.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 135KB - Virtual size: 30.4MB

.rdata Size: 512B - Virtual size: 30.6MB

.data Size: 1024B - Virtual size: 30.6MB

.reloc Size: 1024B - Virtual size: 30.6MB

.rsrc Size: 144KB - Virtual size: 30.6MB

.text
Size: 135KB - Virtual size: 30.4MB

.rdata
Size: 512B - Virtual size: 30.6MB

.data
Size: 1024B - Virtual size: 30.6MB

.reloc
Size: 1024B - Virtual size: 30.6MB

.rsrc
Size: 144KB - Virtual size: 30.6MB