• Trend Micro
  • About TrendLabs Security Intelligence Blog

Emotet Adds New Evasion Technique

  • Posted on: April 25, 2019 at 4:55 am
  • Posted in: Botnets, Malware
  • Author: Trend Micro

Over the years, Emotet, the banking malware discovered by Trend Micro in 2014, has continued to be a prevalent and costly threat. Recently, an analysis of Emotet traffic revealed that new samples use different POST-infection traffic than previous versions. It seems Emotet actors are looking for new ways to evade detection.

Tags: EMOTET

Emotet-Distributed Ransomware Loader for Nozelesn Found via Managed Detection and Response

  • Posted on: March 29, 2019 at 5:00 am
  • Posted in: Ransomware
  • Author: Trend Micro

Through our managed detection and response (MDR) monitoring, we discovered the modular Emotet malware distributing the Nymaim malware, which then loads the Nozelesn ransomware. We detected this particular Emotet variant in one of our monitored endpoints in the hospitality industry in February 2019. For this threat investigation, we also sourced 580 similar Emotet file attachment samples from our telemetry and gathered data between January 9, 2019 and February 7, 2019.

Tags: EMOTET, Managed Detection and Response, MDR, Nozelesn, Nymaim, ransomware

URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader

  • Posted on: December 18, 2018 at 4:51 am
  • Posted in: Botnets, Malware
  • Author: Trend Micro

We analyzed samples of EMOTET, URSNIF, DRIDEX and BitPaymer and found similar payload loaders and internal data structures, possibly implying that these different groups are familiar with one another and are working closely together.

Tags: BitPaymer, DRIDEX, EMOTET, URSNIF

Exploring Emotet: Examining Emotet’s Activities, Infrastructure

  • Posted on: November 16, 2018 at 4:43 am
  • Posted in: Botnets, Malware, Spam
  • Author: Trend Micro

Discovered by Trend Micro in 2014, the banking Trojan Emotet was brought back to life by malware authors last year with its own spamming module that has allowed it to spread, target new industries and regions, and evade sandbox and malware analysis techniques. This year, we examined Emotet’s activities to learn more about how this modular malware wreaks havoc: we conducted comprehensive research on Emotet’s artifacts (8,528 unique URLs, 5,849 document droppers, and 571 executables collected between June 1, 2018 and September 15, 2018) to discover Emotet’s infrastructure as well as possible attribution information.

Tags: EMOTET

New EMOTET Hijacks a Windows API, Evades Sandbox and Analysis

  • Posted on: November 15, 2017 at 6:43 am
  • Posted in: Malware
  • Author: Rubio Wu (Threats Analyst)

We discussed the re-emergence of banking malware EMOTET in September and how it has adopted a wider scope since it wasn’t picky about the industries it attacks. We recently discovered that EMOTET has a new iteration (detected as TSPY_EMOTET.SMD10) with a few changes in its usual behavior and new routines that allow it to elude…

Tags: EMOTET, sandbox evasion, Windows API