The On Again, Off Again Emotet is Now Back On

  |  Source: 

The On Again, Off Again Emotet is Now Back On

Category: Malware Campaign | Industry: Global | Level: Tactical | Source: Cofense

Emotet campaigns have fluctuated between surging and dormant since the infamous malware returned in November 2022. As of the morning of Tuesday, March 7th, 2023, at 8:00 AM EST, new malicious emails containing Emotet were circulating. The latest campaigns were discovered by security researcher, Cryptolaemus and researchers from Cofense, who have discovered the spam emails are carrying a weaponized Office document. The malicious document contains embedded macros contained within a compressed zip file. After the user accepts the “Enable Content” prompt, the malicious macros execute to retrieve Emotet DLLS from a remote site and execute them on the host machine.

Anvilogic Scenario:

  • Malicious File Delivering Malware

Anvilogic Use Cases:

  • Compressed File Execution
  • Malicious Document Execution
  • Wscript/Cscript Execution

Get trending threats published weekly by the Anvilogic team.

Sign Up Now