Research Saturday 1.9.21
Ep 165 | 1.9.21

Emotet reemerges and becomes one of most prolific threat groups out there.

Show Notes

Deep Instinct's Shimon Oren joins us to talk about his team's research on "Why Emotet's latest wave is harder to catch than ever before - Part 2." Emotet appears to have reemerged more evasive than before, this time with a payload delivered from a loader that security tools aren’t equipped to handle.

Emotet, the largest malware botnet today, started in 2014 and continues to be one of the most challenging threats in today’s landscape. This botnet causes huge damage by spreading ransomware and info stealers to its infected systems. Recently, a rise in the number of Emotet infections was observed in France, Japan, and New Zealand. The high number of infections shows the effectiveness of the Emotet malware at staying undetected.

Shimon joins us to discuss how Deep Instinct investigated the payload that was encrypted inside the loader, analyzes the next steps in the infection process, and discovers the techniques used to make this malware difficult to analyze.

The original blog post and updated post on the research can be found here: