emotet

General

Target

2024-01-28_dc73a0184b43be81da178e478ba9fca5_icedid
Size

492KB
Sample

240128-lndqeagag6
MD5

dc73a0184b43be81da178e478ba9fca5
SHA1

ff7e92e306ffe9f13070b1aabbe4d57abc93ed6d
SHA256

d72366e3e0c8f717c97001d8ba5eff5b6e07d8536e13eaa9ab1927fce4c97f26
SHA512

9cdbb3f843aa66b193705729fc6645d131605e133615609393d9d926b25a8c7ff51a5e915e39f8583489faac80a44fd4b7074633841ceedccb118ae534db6f2b
SSDEEP

12288:Qagi9CKepyNMu8u9cXw3pPeWCehtlw/5U:Fgi9tTNj8uww3cTTU

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

104.32.141.43:80

112.68.240.21:80

104.236.28.47:8080

46.105.131.87:80

45.55.65.123:8080

120.150.246.241:80

60.231.217.199:8080

74.58.165.170:80

163.139.237.65:80

24.164.79.147:8080

78.24.219.147:8080

178.153.176.124:80

162.241.92.219:8080

92.222.216.44:8080

174.83.116.77:80

108.191.2.72:80

5.196.74.210:8080

47.156.70.145:80

70.127.155.33:80

78.189.180.107:80

rsa_pubkey.plain

Targets

- Target
  
  2024-01-28_dc73a0184b43be81da178e478ba9fca5_icedid
- Size
  
  492KB
- MD5
  
  dc73a0184b43be81da178e478ba9fca5
- SHA1
  
  ff7e92e306ffe9f13070b1aabbe4d57abc93ed6d
- SHA256
  
  d72366e3e0c8f717c97001d8ba5eff5b6e07d8536e13eaa9ab1927fce4c97f26
- SHA512
  
  9cdbb3f843aa66b193705729fc6645d131605e133615609393d9d926b25a8c7ff51a5e915e39f8583489faac80a44fd4b7074633841ceedccb118ae534db6f2b
- SSDEEP
  
  12288:Qagi9CKepyNMu8u9cXw3pPeWCehtlw/5U:Fgi9tTNj8uww3cTTU
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2