Emotet Exposed - Inside the Cybercriminals Supply Chain

Presented by

Giovanni Vigna (Sr. Director of Threat Intelligence, VMware) and Stefano Ortolani (Threat Research Lead, VMware)

About this talk

New analysis from VMware delves deep into the most recent waves of the Emotet botnet, providing never-before-seen insights into the malware delivery mechanism’s malicious components and modules, its execution chains and its software development lifecycle. This webcast will reveal key findings and takeaways from VMware’s researchers, who managed to bypass anti-analysis techniques in order to map Emotet’s dynamic infrastructure. This presentation will offer: • A review of Emotet’s infection chain process, along with its TTPs and IOCs. Plus, similarity metrics that allow for the clustering of similar infection techniques. • An inside look at Emotet’s command-and-control network infrastructure, and its AGILE-like software development life cycle. • “How-tos” for creating Emotet sock puppets (for fetching modules) and extracting its recently updated configuration. • An analysis of two recently updated modules that differ from previous Emotet attacks – one that steals credit card info from users of Google Chrome and one that exploits the SMB protocol to proliferate. • Tips and recommendations for mounting a more ironclad defense.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (122)
Subscribers (8403)