emotet | 4e8029a6c642310474a2baf6a1b0f655856ca39c5b944247435c0ee6daf16c8f | Triage

Resubmissions

16-02-2025 02:17

250216-cq22caxmex 10

13-02-2025 13:55

250213-q77vtayret 10

Sharing

General

Target

2025-02-13_90fed2855f0003495ff60d47ddad14a8_icedid
Size

456KB
Sample

250216-cq22caxmex
MD5

90fed2855f0003495ff60d47ddad14a8
SHA1

c5963014a06d55ab68ee393c0fd255fe9244d3b0
SHA256

4e8029a6c642310474a2baf6a1b0f655856ca39c5b944247435c0ee6daf16c8f
SHA512

8290dd62e2c79e5e6d848633fd2cdf73940f27e71e0c4d8e16588d67f82c9f7945f24f1898a27d9e2e04afe2a2319d52497e66b4aa8ac0e2979af450a2238f9a
SSDEEP

12288:sH9tNCsqbIoCyJgllh/krhMQUqKsRR2B9:ytEfbjJglvqyB9

Score

10^/10

emotet epoch1 banker discovery trojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

24.249.135.121:80

185.94.252.13:443

149.62.173.247:8080

50.28.51.143:8080

80.249.176.206:80

5.196.35.138:7080

190.17.195.202:80

143.0.87.101:80

190.147.137.153:443

181.30.69.50:80

51.255.165.160:8080

190.96.118.251:443

72.47.248.48:7080

178.79.163.131:8080

212.231.60.98:80

187.162.248.237:80

2.47.112.152:80

68.183.190.199:8080

192.241.143.52:8080

77.55.211.77:8080

rsa_pubkey.plain

Targets

- Target
  
  2025-02-13_90fed2855f0003495ff60d47ddad14a8_icedid
- Size
  
  456KB
- MD5
  
  90fed2855f0003495ff60d47ddad14a8
- SHA1
  
  c5963014a06d55ab68ee393c0fd255fe9244d3b0
- SHA256
  
  4e8029a6c642310474a2baf6a1b0f655856ca39c5b944247435c0ee6daf16c8f
- SHA512
  
  8290dd62e2c79e5e6d848633fd2cdf73940f27e71e0c4d8e16588d67f82c9f7945f24f1898a27d9e2e04afe2a2319d52497e66b4aa8ac0e2979af450a2238f9a
- SSDEEP
  
  12288:sH9tNCsqbIoCyJgllh/krhMQUqKsRR2B9:ytEfbjJglvqyB9
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

emotetepoch1bankerdiscoverytrojan

behavioral2

emotetepoch1bankerdiscoverytrojan