Emotet spam trojan surges back to life after 5 months of silence

DVDR_Dog (Well-Known Member) wrote:
A new variant?
That depends. In the strictest definition, no. It's the same framework that's used to deliver the payload.
From that point on it's a different macro that sets in motion a different series of downloads and programs, but the end result is similar. Why that framework isn't being flagged is, I suspect, because it's pretty generic; it's that first macro being executed that causes all the chaos. I haven't seen an Emotet infection, but I would suspect any good A/V would flag the resulting macro, or at least consider it highly suspect.
 
