Emotet Malware Makes a Comeback with New Evasion Techniques

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
"With the newest wave of Emotet spam emails, the attached .XLS files have a new method for tricking users into allowing macros to download the dropper," BlackBerry disclosed in a report published last week. "In addition to this, new Emotet variants have now moved from 32bit to 64bit, as another method for evading detection."

The method involves instructing victims to move the decoy Microsoft Excel files to the default Office Templates folder in Windows, a location trusted by the operating system to execute malicious macros embedded within the documents to deliver Emotet.

The development points to Emotet's steady attempts to retool itself and propagate other malware, such as Bumblebee and IcedID.

"With its steady evolution over the last eight-plus years, Emotet has continued to become more sophisticated in terms of evasion tactics; has added additional modules in an effort to further propagate itself, and is now spreading malware via phishing campaigns," the company said.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top