S0367Windows

S0367Emotet

Platforms
1
ATT&CK
14.1
References
14

Description

[Emotet](https://attack.mitre.org/software/S0367) is a modular malware variant which is primarily used as a downloader for other malware variants such as [TrickBot](https://attack.mitre.org/software/S0266) and [IcedID](https://attack.mitre.org/software/S0483). Emotet first emerged in June 2014 and has been primarily used to target the banking sector. (Citation: Trend Micro Banking Malware Jan 2019)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0367
  2. https://blog.talosintelligence.com/2019/01/return-of-emotet.html
  3. https://www.cisecurity.org/blog/emotet-changes-ttp-and-arrives-in-united-states/
  4. https://www.cisecurity.org/white-papers/ms-isac-security-primer-emotet/
  5. https://redcanary.com/blog/stopping-emotet-before-it-moves-laterally/
  6. https://www.welivesecurity.com/2018/11/09/emotet-launches-major-new-spam-campaign/
  7. https://www.secureworks.com/blog/lazy-passwords-become-rocket-fuel-for-emotet-smb-spreader
  8. https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc.html
  9. https://blog.trendmicro.com/trendlabs-security-intelligence/new-banking-malware-uses-network-sniffing-for-data-theft/
  10. https://securelist.com/the-banking-trojan-emotet-detailed-analysis/69560/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
IcedID
Software
TrickBot
Software
QakBot
Software
Lokibot
Actor
MUMMY SPIDER
Software
Stuxnet
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.