emotet

General

Target

2024-02-27_d62015052b024426f4595eed26132390_icedid
Size

428KB
Sample

240227-hdfkgabb5v
MD5

d62015052b024426f4595eed26132390
SHA1

e24bb299421e6e6e84d43aaa5f4979cd3cb19ce9
SHA256

8256610ba378001ba3c9bdf2d8ee48218e3719c2654745be5269dc7e0d812476
SHA512

bfc27627bb6bb8f509c6bc09129545ed986b3ec4457069dd1e5fe92a09ea4ab78354bec0819b9d0e68d89c6fdcc82fbb6a48d38e7425c38e8c2651da79eaa549
SSDEEP

6144:EDRYGonJpbTO/nz4flNVGSlLsF0cLsp1E1AMPEFkQbWGuT65EPSR9patDC0SAqHA:abon3u/z4kSlYFxApknEbtEPCpUDC7lg

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

70.127.155.33:80

65.184.222.119:80

113.52.123.226:7080

74.208.45.104:8080

136.243.205.112:7080

23.92.16.164:8080

45.55.65.123:8080

181.143.126.170:80

202.175.121.202:8090

209.97.168.52:8080

95.213.236.64:8080

103.86.49.11:8080

104.236.246.93:8080

50.116.86.205:8080

217.160.182.191:8080

222.144.13.169:80

179.13.185.19:80

76.104.80.47:443

218.255.173.106:80

207.177.72.129:8080

rsa_pubkey.plain

Targets

- Target
  
  2024-02-27_d62015052b024426f4595eed26132390_icedid
- Size
  
  428KB
- MD5
  
  d62015052b024426f4595eed26132390
- SHA1
  
  e24bb299421e6e6e84d43aaa5f4979cd3cb19ce9
- SHA256
  
  8256610ba378001ba3c9bdf2d8ee48218e3719c2654745be5269dc7e0d812476
- SHA512
  
  bfc27627bb6bb8f509c6bc09129545ed986b3ec4457069dd1e5fe92a09ea4ab78354bec0819b9d0e68d89c6fdcc82fbb6a48d38e7425c38e8c2651da79eaa549
- SSDEEP
  
  6144:EDRYGonJpbTO/nz4flNVGSlLsF0cLsp1E1AMPEFkQbWGuT65EPSR9patDC0SAqHA:abon3u/z4kSlYFxApknEbtEPCpUDC7lg
Score

10^/10

emotet epoch2 banker trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2