emotet

General

Target

2024-11-24_8d02e3da707575f6a26329c3a899f386_icedid
Size

971KB
Sample

241124-bdakwswkev
MD5

8d02e3da707575f6a26329c3a899f386
SHA1

0777bea85c96ec974e5ea68d93099cda3e2b5282
SHA256

04b0aaf88daa9cc5d90506f75531f6670d33ea33e9459bb6867837b5cd766045
SHA512

00eb9a75b6ff0691465f41e92c389810ef7f0048577fb661b9a31040629abe4b52afbc475dc89796fd6423d0014c558731ed21fcc242e45afd3f820a2bd7f95a
SSDEEP

12288:Rdq2982XqwpszV8ski5NeT0sjVZWtYz2QghDmvQhmHo9LWlXW4Y8c5O:RQ291fLski5N6ZWyz2QglbmHo9LG7c5O

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch2

C2

142.105.151.124:443

62.108.54.22:8080

212.51.142.238:8080

71.208.216.10:80

108.48.41.69:80

83.110.223.58:443

210.165.156.91:80

104.131.44.150:8080

104.236.246.93:8080

5.39.91.110:7080

209.141.54.221:8080

209.182.216.177:443

153.126.210.205:7080

91.211.88.52:7080

180.92.239.110:8080

183.101.175.193:80

162.241.92.219:8080

87.106.139.101:8080

114.146.222.200:80

65.111.120.223:80

rsa_pubkey.plain

Targets

- Target
  
  2024-11-24_8d02e3da707575f6a26329c3a899f386_icedid
- Size
  
  971KB
- MD5
  
  8d02e3da707575f6a26329c3a899f386
- SHA1
  
  0777bea85c96ec974e5ea68d93099cda3e2b5282
- SHA256
  
  04b0aaf88daa9cc5d90506f75531f6670d33ea33e9459bb6867837b5cd766045
- SHA512
  
  00eb9a75b6ff0691465f41e92c389810ef7f0048577fb661b9a31040629abe4b52afbc475dc89796fd6423d0014c558731ed21fcc242e45afd3f820a2bd7f95a
- SSDEEP
  
  12288:Rdq2982XqwpszV8ski5NeT0sjVZWtYz2QghDmvQhmHo9LWlXW4Y8c5O:RQ291fLski5N6ZWyz2QglbmHo9LG7c5O
Score

10^/10

emotet epoch2 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2