emotet

General

Target

2025-01-13_11faa754eea75dac0c5b0f63e95c8fe6_icedid
Size

273KB
Sample

250113-c66pgavkfm
MD5

11faa754eea75dac0c5b0f63e95c8fe6
SHA1

993175aba39f556e33a09c8f9c5e7d676c90ddf7
SHA256

4128ad10313d04a55f14f72d3d9883de9b8df6417566c386b28693fe1cead77c
SHA512

e991c7d7488586086e8277246fc4a09d3166883201c5b63c690a741d55f2a1ecf2ba639adfe6f3a3d83d3337ba96ec3a913a09bd836260758e25f80b1f18b7ea
SSDEEP

6144:OGj5A9/6y8mGw8jArXM1qa9fjLI/c/wmYYmNdG9D1HV:OG9sgjALM1qYCco/NMB11

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch3

C2

177.144.130.105:443

198.27.69.201:8080

157.7.164.178:8081

78.188.170.128:80

203.153.216.178:7080

77.74.78.80:443

178.33.167.120:8080

177.0.241.28:80

143.95.101.72:8080

51.38.201.19:7080

181.167.35.84:80

41.185.29.128:8080

192.163.221.191:8080

181.164.110.7:80

203.153.216.182:7080

80.211.32.88:8080

113.160.180.109:80

185.142.236.163:443

192.241.220.183:8080

87.106.231.60:8080

rsa_pubkey.plain

Targets

- Target
  
  2025-01-13_11faa754eea75dac0c5b0f63e95c8fe6_icedid
- Size
  
  273KB
- MD5
  
  11faa754eea75dac0c5b0f63e95c8fe6
- SHA1
  
  993175aba39f556e33a09c8f9c5e7d676c90ddf7
- SHA256
  
  4128ad10313d04a55f14f72d3d9883de9b8df6417566c386b28693fe1cead77c
- SHA512
  
  e991c7d7488586086e8277246fc4a09d3166883201c5b63c690a741d55f2a1ecf2ba639adfe6f3a3d83d3337ba96ec3a913a09bd836260758e25f80b1f18b7ea
- SSDEEP
  
  6144:OGj5A9/6y8mGw8jArXM1qa9fjLI/c/wmYYmNdG9D1HV:OG9sgjALM1qYCco/NMB11
Score

10^/10

emotet epoch3 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2