33.0.0 White Diamond
IR
465749
CloudBasic
08:31:56
16/08/2021
emo.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
1d314c60cf2ab83672f258033f1c9fdb
a076655c3e4b48b2a074a7d37210adaea0e22f92
459f8d96d0c21300199c87ee798b594216732a27da6c3190f36b483df9faaabf
Win32 Executable (generic) a (10002005/4) 99.96%
true
false
false
false
92
0
100
5
0
5
false
Drops executables to the windows directory (C:\Windows) and starts them
Hides that the sample has been downloaded from the Internet (zone.identifier)
Machine Learning detection for sample
Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Yara detected Emotet