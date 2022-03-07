Log in
    FTNT   US34959E1091

FORTINET, INC.

(FTNT)
Fortinet : MS Office Files Involved Again in Recent Emotet Trojan Campaign – Part I

03/07/2022 | 01:20pm EST
Affected platforms: Microsoft Windows
Impacted parties: 64-bit Windows Users
Impact: Controls victim's device and collects sensitive information
Severity level: Critical

Recently, Fortinet's FortiGuard Labs captured more than 500 Microsoft Excel files that were involved in a campaign to deliver a fresh Emotet Trojan onto the victim's device.

Emotet, known as a modular Trojan, was first discovered in the middle of 2014. Since then, it has become very active, continually updating itself. It has also been highlighted in cybersecurity news from time to time. Emotet uses social engineering, like email, to lure recipients into opening attached document files (including Word, Excel, PDF, etc.) or clicking links within the content of the email that download Emotet's latest variant onto the victim's device and then execute it.

Our FortiGuard Labs team has monitored Emotet Trojan campaigns in the past and posted numerous technical analysis blogs.

This time, I grabbed an Excel file from the captured samples and conducted deep research on this campaign. In this part I of my analysis, you can expect to learn: how an Excel file is leveraged to spread Emotet, what anti-analysis techniques Emotet uses in this variant, how it maintains persistence on a victim's device, how this Emotet variant communicates with its C2 server, and how other modules are delivered, loaded, and executed on a victim's system.

Looking into the Excel File

Disclaimer

Fortinet Inc. published this content on 07 March 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 07 March 2022 18:19:01 UTC.


© Publicnow 2022
Financials (USD)
Sales 2022 4 298 M - -
Net income 2022 684 M - -
Net cash 2022 3 146 M - -
P/E ratio 2022 83,7x
Yield 2022 -
Capitalization 53 947 M 53 947 M -
EV / Sales 2022 11,8x
EV / Sales 2023 9,48x
Nbr of Employees 10 195
Free-Float 81,7%
Managers and Directors
Ken Xie Chairman & Chief Executive Officer
Michael Xie President, Director & Chief Technology Officer
Keith Franklin Jensen CFO, Chief Accounting Officer & Controller
Phil Quade Chief Information Security Officer
William H. Neukom Lead Independent Director
Sector and Competitors
1st jan.Capi. (M$)
FORTINET, INC.-6.66%53 947
ACCENTURE PLC-24.22%198 549
TATA CONSULTANCY SERVICES LTD.-5.72%170 434
INTERNATIONAL BUSINESS MACHINES CORPORATION-5.27%113 871
INFOSYS LIMITED-8.71%94 431
AUTOMATIC DATA PROCESSING, INC.-15.46%87 563