emotet

General

Target

a22470fb38cb5c2a2e2e98a0ce783422_icedid_JC.exe
Size

413KB
Sample

230826-qtyd8aae49
MD5

a22470fb38cb5c2a2e2e98a0ce783422
SHA1

c9dfdcc54d8d8f10ddb91d431ad4ce3bc3eddb83
SHA256

d20c68ff7d0af9a1784b9050e6344c2b3be1c9d26a7006b5d7bd91f00cf0a211
SHA512

6fddc67f5e16715147b62a7816643b346936c5423aac0e1dc47305b17551572f4b1e27e841552788aac46ca0df6e3684eb86d08bd2c27e84edcb1f7e3abe9ec3
SSDEEP

6144:4DGdfqz0lY4HPlxbAyROYDgrXecD+6JrblKvN7QxxWPLw9G9Yr9lpuRepfYZb6/Y:aGdfqzmpAmOYgI6lblK10VLxiMfDWd

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

76.31.115.125:80

181.30.61.163:80

181.30.61.163:443

103.31.232.93:80

94.177.183.28:8080

159.65.241.220:8080

45.79.95.107:443

181.231.220.232:80

189.19.81.181:443

181.36.42.205:443

5.196.35.138:7080

190.38.152.143:80

83.248.141.198:80

181.29.101.13:8080

138.68.106.4:7080

77.55.211.77:8080

212.71.237.140:8080

207.154.204.40:8080

68.187.160.28:443

190.191.82.216:80

rsa_pubkey.plain

Targets

- Target
  
  a22470fb38cb5c2a2e2e98a0ce783422_icedid_JC.exe
- Size
  
  413KB
- MD5
  
  a22470fb38cb5c2a2e2e98a0ce783422
- SHA1
  
  c9dfdcc54d8d8f10ddb91d431ad4ce3bc3eddb83
- SHA256
  
  d20c68ff7d0af9a1784b9050e6344c2b3be1c9d26a7006b5d7bd91f00cf0a211
- SHA512
  
  6fddc67f5e16715147b62a7816643b346936c5423aac0e1dc47305b17551572f4b1e27e841552788aac46ca0df6e3684eb86d08bd2c27e84edcb1f7e3abe9ec3
- SSDEEP
  
  6144:4DGdfqz0lY4HPlxbAyROYDgrXecD+6JrblKvN7QxxWPLw9G9Yr9lpuRepfYZb6/Y:aGdfqzmpAmOYgI6lblK10VLxiMfDWd
Score

10^/10

emotet epoch1 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2