What is Emotet?

Emotet is a malware initially designed as banking malware that today is mainly used as infrastructure for malware deployment.

There have been partnerships with other actors in the past, such as Trickbot, who have used it extensively to support their infections, often leading to Ryuk ransomware attacks.

Although Emotet was shut down by the authorities in January 2021, it was back up and running again in November 2021. Today Emotet is very active and constantly evolving to improve both its delivery and evasion mechanisms for defensive capabilities.

Based on the studies carried out by our Threat Hunting team, Emotet can currently deploy the following capabilities or modules:

Sending emails with malicious attachments.
Module for performing various techniques for lateral movements.
Modules to recover passwords used by the victim in different applications (fundamentally email and web)

We are using cookies to give you the best experience on our website. You can find out more about which cookies we are using or switch them off in Cookies Settings

Necessary

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

Necessary cookies

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages. Keeping this cookie enabled helps us to improve our website.

3rd party cookies

Cookies policy