Field | Value
---|---
download | 01907954385637
Full analysis | https://app.any.run/tasks/a3ab22d6-3d25-45f1-b385-d9273b577f6a
Verdict | Malicious activity
Threats | Emotet is one of the most dangerous trojans ever created. Over the course of its lifetime, it was upgraded to become a very destructive malware. It targets mostly corporate victims but even private users get infected in mass spam email campaigns.
Analysis date | January 17, 2020, 18:04:27
OS | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags |
MIME | application/octet-stream
File info | data
MD5 | 0C8D54B2D1F0EEED7EF1E9C0EC960944
SHA1 | 5216AAED02F8A892F0D6D6273A6D4DA91279AA68
SHA256 | 10C1D34F092F1CBD8CD4B70019F2B220FB38A7A5D8166F76FEEFE54C541A7860
SSDEEP | 6144:Z0Rum7mdLRp1bbSBIR/EHGtCMXgTo8qoFt/etg+Fzo/Z2KXwm:Z0E3dxtR/iU9mvUPFzm2KXwm

PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2128 | "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\01907954385637 | C:\Windows\system32\rundll32.exe | — | explorer.exe |

Process 2128 details: User: admin; Company: Microsoft Corporation; Integrity Level: MEDIUM; Description: Windows host process (Rundll32); Version: 6.1.7600.16385 (win7_rtm.090713-1255)