emotet

General

Target

2024-02-05_e75669c7b94c1062acef36cc3fcec6b0_icedid
Size

364KB
Sample

240205-nxz14shbak
MD5

e75669c7b94c1062acef36cc3fcec6b0
SHA1

fec424ff664262ff876d610c4f91c2d57d641e0f
SHA256

e27b9dfc55b73a626d01bba1026123d62a9574f1a902b042ecc0223dd5c0b884
SHA512

1daf9882ae7a09be59c5fbc777f0f06f0d1809a190cf17f580d19f289e8af2fdb461fa38781b72ae074f31179ac002076cf292c108c7fa321139c0377b589686
SSDEEP

6144:By2JRLj6K2gxsKRTVJO/W5TXfU4qHFDbTebas8PZRwBM:BLJpj6UxTV8/+f0lLU

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

54.38.94.197:8080

192.161.190.171:8080

80.93.48.49:7080

222.239.249.166:443

195.226.144.249:80

216.75.37.196:8080

192.163.221.191:8080

200.71.112.158:53

119.159.150.176:443

113.52.135.33:7080

50.116.78.109:8080

124.150.175.133:80

139.162.185.116:443

124.150.175.129:8080

157.7.164.178:8081

37.59.24.25:8080

51.38.134.203:8080

217.26.163.82:7080

172.104.70.207:8080

201.196.15.79:990

rsa_pubkey.plain

Targets

- Target
  
  2024-02-05_e75669c7b94c1062acef36cc3fcec6b0_icedid
- Size
  
  364KB
- MD5
  
  e75669c7b94c1062acef36cc3fcec6b0
- SHA1
  
  fec424ff664262ff876d610c4f91c2d57d641e0f
- SHA256
  
  e27b9dfc55b73a626d01bba1026123d62a9574f1a902b042ecc0223dd5c0b884
- SHA512
  
  1daf9882ae7a09be59c5fbc777f0f06f0d1809a190cf17f580d19f289e8af2fdb461fa38781b72ae074f31179ac002076cf292c108c7fa321139c0377b589686
- SSDEEP
  
  6144:By2JRLj6K2gxsKRTVJO/W5TXfU4qHFDbTebas8PZRwBM:BLJpj6UxTV8/+f0lLU
Score

10^/10

emotet epoch3 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2