Emotet and Other Malware Shifting Tactics to OneNote Files
Emotet, a notorious and dangerous malware strain, has re-emerged after a period of dormancy. Its new iteration exhibits enhanced capabilities, notably evading macro security features and employing a method of delivery made ...
Hunting Emotet: How Behavioural Hunting Trumps IOC Detection Every Time
As a threat hunter, I have seen the evolution of cyber threats firsthand and the challenges that organizations face when trying to protect themselves. One threat that has been particularly persistent is ...
How to Defeat Emotet Malware with SSL Interception
One of the longest-running and more lethal malware strains has once again returned on the scene. Called Emotet, it started out as a simple banking Trojan when it was created in 2014 ...
Hunting Emotet Made Easy with EclecticIQ Endpoint Response
Earlier this year, EclecticIQ Analysts published this article detailing the inner workings of a newly observed Emotet variant. In November, another industry source published a report talking about the resurgence of ...
VMware Research Uncovers Evolving Nature of Emotet Malware
In January 2021, coordinated by Europol and Eurojust, law enforcement authorities from the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine collaborated on one of the most dramatic ...
Putting an End to Emotet: Measuring the Real-World Efficacy of Protective DNS Providers
We compared HYAS with other top protective DNS providers to find out which one was able to detect and block the most domains associated with an Emotet attack. Anyone who is plugged ...
Emotet Malware Update and Development
OVERVIEW Emotet is a pervasive and modular credential theft trojan which has historically been leveraged by threat actors in order to collect usernames and passwords for various financial institutions. However, beginning in ...
Emotet Downloader Document Uses Regsvr32 for Execution
Executive Summary This paper investigates a recent Emotet intrusion and details how the final Emotet payload is installed onto the system. The key observations are: Obfuscated Excel macros used to download and ...
Emotet Proved Too Effective for Threat Actors to Abandon
Old malware—even strains that have been taken down by law enforcement—never die. Nor do they just fade away; instead, they disappear for a while, regroup and re-emerge. This is exactly what the ...