Going In-depth with Emotet: Multilayer Operating Mechanisms | Cell Phone Spy and Mobile Tracking Software
Over a period of just five years, Emotet has managed to evolve into one of the most notorious cyber threats in existence – one that causes incidents that cost up to $1 million dollars to rectify, according to US-CERT. We recently reported about Emotet's activities as well as its two infrastructure setups. This follow-up blog post focuses on Emotet's multilayer operating mechanisms, which is one of the malware's noteworthy features mentioned in the first blog. More extensive insight on the way this modular malware operates — as well as a discussion of the possibility that Emotet is tied to Russian-speaking actors — can be found in our research paper "Exploring Emotet's Activities." Multilayer Operating Mechanisms: Document Droppers and Packed Executables The activities of Emotet's artifacts — its document droppers and packed executable samples — showed discrepancies in terms of when each showed signs of activity. As we've mentioned in our previous blog entry, we observed that the