Overview

overview

10

Static

static

3

2024-06-29...er.exe

windows7-x64

10

2024-06-29...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-06-29_df7483be5406be695b50b1f15d83bbb8_icedid_magniber

  • Size

    671KB

  • Sample

    240629-y6zrtayenk

  • MD5

    df7483be5406be695b50b1f15d83bbb8

  • SHA1

    69de8d0c0cead028805e8ac93ac6aa1bc95850aa

  • SHA256

    011280573f3ffbf712b5c146749878c18d8f94d57f325c7f9435fc886331c09a

  • SHA512

    7b73ee755af1365a32ac70b4b8658283089e35b3c967b2328b6ab2a9e36881083a87c03d072acfd47eb9fb7d010ae48c8c55a2ebf00bf30b748f4473aff0eb02

  • SSDEEP

    12288:BhGEsm5TpQrNAosJcRl7Bflkby3SJTGfRCK8lizPpZlySdpvIWjuZ:f5v0rNAMXBflkG3BCKiizxhjuZ

Score
10/10
emotetepoch1bankertrojan

Malware Config

Extracted

Family

emotet

Botnet

Epoch1

C2

152.170.196.157:443

103.31.232.93:443

200.123.183.137:443

201.213.100.141:8080

70.32.115.157:8080

164.77.130.222:80

203.25.159.3:8080

184.57.130.8:80

190.147.137.153:443

91.83.93.124:7080

217.199.160.224:8080

190.57.130.142:443

185.94.252.12:80

77.55.211.77:8080

111.67.12.221:8080

5.45.108.146:8080

73.155.126.84:80

212.71.237.140:8080

5.196.35.138:7080

188.129.197.149:80
rsa_pubkey.plain

Targets

    • Target

      2024-06-29_df7483be5406be695b50b1f15d83bbb8_icedid_magniber

    • Size

      671KB

    • MD5

      df7483be5406be695b50b1f15d83bbb8

    • SHA1

      69de8d0c0cead028805e8ac93ac6aa1bc95850aa

    • SHA256

      011280573f3ffbf712b5c146749878c18d8f94d57f325c7f9435fc886331c09a

    • SHA512

      7b73ee755af1365a32ac70b4b8658283089e35b3c967b2328b6ab2a9e36881083a87c03d072acfd47eb9fb7d010ae48c8c55a2ebf00bf30b748f4473aff0eb02

    • SSDEEP

      12288:BhGEsm5TpQrNAosJcRl7Bflkby3SJTGfRCK8lizPpZlySdpvIWjuZ:f5v0rNAMXBflkG3BCKiizxhjuZ

    Score
    10/10
    emotetepoch1bankertrojan

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

      trojanbankeremotet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks