emotet

General

Target

2025-03-05_7103f01ddc749ec8edb214922afefafb_icedid
Size

240KB
Sample

250305-lfhdmavwf1
MD5

7103f01ddc749ec8edb214922afefafb
SHA1

0acf352dcb9479c28018db2c7ae3ff3dc1ab6b12
SHA256

908a0a8c7cde4a247b01c8f4d7cbe17127267c4056eab984b9410080f7d76dd9
SHA512

bc8c823157ecda74196717dd277ac917b4122b131b787f4db19e64272da42e3f4a43d2d18b808ebb29b247ef8b127415ea855a63c70771158ca78b0e85d54c4e
SSDEEP

3072:ymJm5Yd1H8kR5AXvQ9FjpsGgYH8CF4BBaY7M7lYlJhpYhXwT06c/7D9Dubm:y0DH8MAfQ3tCYP+aY7psu0b/7k

Score

10^/10

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

71.50.31.38:80

185.94.252.13:443

217.199.160.224:7080

181.167.96.215:80

111.67.12.221:8080

68.183.170.114:8080

212.71.237.140:8080

83.169.21.32:7080

190.6.193.152:8080

217.13.106.14:8080

181.31.211.181:80

177.66.190.130:80

192.241.146.84:8080

80.249.176.206:80

204.225.249.100:7080

137.74.106.111:7080

5.196.35.138:7080

104.131.103.37:8080

189.218.165.63:80

170.81.48.2:80

rsa_pubkey.plain

Targets

- Target
  
  2025-03-05_7103f01ddc749ec8edb214922afefafb_icedid
- Size
  
  240KB
- MD5
  
  7103f01ddc749ec8edb214922afefafb
- SHA1
  
  0acf352dcb9479c28018db2c7ae3ff3dc1ab6b12
- SHA256
  
  908a0a8c7cde4a247b01c8f4d7cbe17127267c4056eab984b9410080f7d76dd9
- SHA512
  
  bc8c823157ecda74196717dd277ac917b4122b131b787f4db19e64272da42e3f4a43d2d18b808ebb29b247ef8b127415ea855a63c70771158ca78b0e85d54c4e
- SSDEEP
  
  3072:ymJm5Yd1H8kR5AXvQ9FjpsGgYH8CF4BBaY7M7lYlJhpYhXwT06c/7D9Dubm:y0DH8MAfQ3tCYP+aY7psu0b/7k
Score

10^/10

emotet epoch1 banker discovery trojan
- Emotet
  Emotet is a trojan that is primarily spread through spam emails.
  trojan banker emotet
- Emotet family
  emotet
- Emotet payload
  Detects Emotet payload in memory.
  trojan banker
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Emotet family

Emotet payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2