Despite its ripe old age, Emotet is constantly evolving and remains one of the most current threats out there. Save for the explosive growth in distribution after five months of inactivity, we have yet to see anything previously unobserved; that said, a detailed analysis always takes time, and we will publish the results of the study in due course. On top of that, we are currently observing the evolution of third-party malware that propagates using Emotet, which we will certainly cover in future reports.
Our security solutions can block Emotet at any stage of attack. The mail filter blocks spam, the heuristic component detects malicious macros and removes them from Office documents, while the behavioral analysis module makes our protection system resistant not only to statistical analysis bypass techniques, but to new modifications of program behavior as well.
To mitigate the risks, it is vital to receive accurate, reliable, before-the-fact information regarding the latest Indicators of Compromise
Indicators of Compromise
Links to Emotet extracted from malicious documents
MD5s of malicious Office documents downloading Emotet
MD5s of Emotet executable files