File1, 2, & 3 for tlavine2:


Hello, my name is Trevor and I am an IS certificate student here
at VCU. For this posting, I will share pieces of an article about one
of the most frustrating and pervasive types of malware you could come

The article, published by Malwarebytes, first describes the origin
of the Emotet Trojan. "Emotet banking Trojan was first identified by
security researchers in 2014. Emotet was originally designed as a banking
malware that attempted to sneak onto your computer and steal sensitive and
private information. Later versions of the software saw the addition of
spamming and malware delivery services - including other banking trojans."

Next, the article details what makes Emotet so pervasive. "Emotet
uses functionality that helps the software evade detection by some
anti-malware products. Emotet uses worm-like capabilities to help spread to
connected computers. This helps in distribution of the malware."


Continuing on with "Let's talk Emotet Malware", an article
published by Malwarebytes. So what is Emotet really? I shared its origins
and functionality, but let's discover what Emotet is at its core.
According to Malwarebytes, at its core Emotet is a Trojan that is
primarily spread through spam emails. Infections typically arrive via
malicious scripts, macro-enabled document files, or malicious links.

Emotet has gone through several iterations. Early versions of the
malware were delivered as malicious JavaScript files. Now the malware is
usually delivered through macro-enabled documents, which when opened
retrieve the malicious payload from C&C servers owned by the adversaries.

Let's now take a deeper dive into some of Emotet's tricks that make
it a unique strain of malware. If an analyst or researcher attempts to
let the malware run in a VM (virtual machine), it will lie dormant to
attempt to evade detection. Analysts use VMs as a method of sandboxing
malware; a sandbox is basically just a tool to observe malware without
infecting your device.


Moving on to Emotet's spreading capabilities. According to the
article, "The primary distribution method for Emotet is through malspam.
Emotet ransacks your contacts list and sends itself to your friends,
family, coworkers, and clients. Since these emails are coming from your
hijacked email account, the emails look less like spam and the recipients,
feeling safe, are more inclined to click bad URLs and download infected

One of the reasons that a widespread Emotet infection could be an
organization's worst nightmare is what follows after the actual infection.
Emotet is known to drop Trickbot, another banking trojan, onto infected
machines. Trickbot has been linked to dropping EternalBlue, which was
responsible for the WannaCry and NotPetya attacks.

In closing, Emotet should be on the mind of a Cyber Security
Researcher or Analyst. This particular piece of malware can run rampant in
an organization and can be incredibly difficult to combat. One of the best
ways to prevent this malware from infiltrating your network is to
educate the employees on the network through annual/semi-annual trainings
as well as phishing simulations, as the primary infection vector for
the malware is phishing/spear phishing. After you educate
employees, you hope your defense in depth mitigates the rest.
