Emotet spam trojan surges back to life after 5 months of silence

DVDR_Dog · Jul 19, 2020

Hey here's a fun one that's coming back to life. Once again many thanks to Lawrence Abrams and the whole crew over at Bleeping.
Great guide. Covers vector of entry, changes it makes to the system and the damage it causes. Give it a read. It gives you great insight on a typical spammer virus.
https://www.bleepingcomputer.com/ne...urges-back-to-life-after-5-months-of-silence/

cndps · Jul 21, 2020

A new variant?

DVDR_Dog · Jul 22, 2020

cndps said:
A new variant?

That depends. In the strictest definition, no. It's the same framework that's used to deliver the payload.
From that point on it's a different macro that sets in motion a different series of downloads and programs but the end result is similar. Why that framework isn't being flagged is I suspect it's pretty generic, it's that first macro being executed that causes all the chaos. Haven't seen an infection of Emot but I would suspect any good A/V would flag the resulting macro or at least be highly suspect.

Emotet spam trojan surges back to life after 5 months of silence

DVDR_Dog

cndps

Well-Known Member

DVDR_Dog

Similar threads

Latest posts

Emotet spam trojan surges back to life after 5 months of silence

DVDR_Dog

cndps

Well-Known Member

DVDR_Dog

Similar threads

Log in

Latest posts