{"id":14751,"date":"2019-03-05T06:50:22","date_gmt":"2019-03-05T14:50:22","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/03\/05\/news-8500\/"},"modified":"2019-03-05T06:50:22","modified_gmt":"2019-03-05T14:50:22","slug":"news-8500","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/03\/05\/news-8500\/","title":{"rendered":"Emotet 101, stage 3: The Emotet executable"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/sophos.files.wordpress.com\/2016\/02\/outil-de-suppression-des-virus1.png\"\/><\/p>\n<p><strong>Credit to Author: hajnalkakope| Date: Tue, 05 Mar 2019 13:57:54 +0000<\/strong><\/p>\n<p><a href=\"http:\/\/feedproxy.google.com\/~r\/sophos\/dgdY\/~3\/CfniXxu0bac\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/sophos.files.wordpress.com\/2016\/02\/outil-de-suppression-des-virus1.png\"\/><\/p>\n<p><strong>Credit to Author: hajnalkakope| Date: Tue, 05 Mar 2019 13:57:54 +0000<\/strong><\/p>\n<p>By SophosLabs Research Emotet&#8217;s arrival is usually preceded by a deceptive spam email, which has a malicious attachment. Opening the attachment starts a process which can lead to an Emotet infection. The Emotet application is an evolved binary, in the sense that it has gone through thousands of iterations over its existence. 
Its presence as [&#8230;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[10519,10500,15715,19470,11928,3764,13001,18428,21149,10383,18513,10518,10882,13072],"class_list":["post-14751","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-10519","tag-bot","tag-emotet","tag-maldocs","tag-malspam","tag-malware","tag-payload","tag-pdf","tag-sophos101","tag-sophoslabs","tag-sophoslabs-uncut","tag-spam","tag-word","tag-xml"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14751","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14751"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14751\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14751"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14751"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14751"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}