emotet

General

Target

2025-01-12_4b158b27f34592651cf7e687455d9ad6_icedid
Size

408KB
Sample

250112-yjh6jswpfs
MD5

4b158b27f34592651cf7e687455d9ad6
SHA1

be2a0ce6895280b2969564dbb9e27e2a2d3ba9b7
SHA256

440bddc4e2106836fc51efe83fa4ef4e8824671475fcf9c0b0ad3ecf35d51647
SHA512

90a07897be6feda7396f43e46ce326644cef451aac88de84baa420f75f9757081746c31b1758181a621e21c40bf978983b9766b3ba9c6d76368de4e673e5eb91
SSDEEP

6144:HVtTsvH7NWW85J4KWB0Hex0rHnZGXXWg/13WfHofg1ELaeRlMJVBUwQhY6Nx:ji7NWWa4nMJzZhELb6+xR

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

200.109.58.183:443

190.195.148.163:80

46.105.131.68:8080

192.163.221.191:8080

124.150.175.133:80

190.96.118.15:443

216.70.88.55:8080

181.197.2.80:443

110.36.234.146:80

142.93.87.198:8080

23.253.207.142:8080

91.109.5.28:8080

138.197.140.163:8080

201.210.70.8:8080

94.177.253.126:80

75.154.163.1:8090

95.216.212.157:8080

186.84.173.153:80

157.7.164.178:8081

176.58.93.123:80

rsa_pubkey.plain

Targets

- Target
  
  2025-01-12_4b158b27f34592651cf7e687455d9ad6_icedid
- Size
  
  408KB
- MD5
  
  4b158b27f34592651cf7e687455d9ad6
- SHA1
  
  be2a0ce6895280b2969564dbb9e27e2a2d3ba9b7
- SHA256
  
  440bddc4e2106836fc51efe83fa4ef4e8824671475fcf9c0b0ad3ecf35d51647
- SHA512
  
  90a07897be6feda7396f43e46ce326644cef451aac88de84baa420f75f9757081746c31b1758181a621e21c40bf978983b9766b3ba9c6d76368de4e673e5eb91
- SSDEEP
  
  6144:HVtTsvH7NWW85J4KWB0Hex0rHnZGXXWg/13WfHofg1ELaeRlMJVBUwQhY6Nx:ji7NWWa4nMJzZhELb6+xR
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2