The xz attachment of a fake bank email contains an exe file: the malware.
Malware Hunter JAMESWT Technical Analysis
Emotet is back, delivered via a real stolen email conversation. The zip attachment contains an xls file, which contacts an internal list of URLs and downloads the dll, starting the malware infection.
Emotet is again hidden inside an email that exploits a real stolen conversation.
The zip attachment is password-protected (the password is provided in the text of the email) and contains an xls file. This contacts an internal list of URLs and downloads the dll, starting the malware infection.
Emotet is a banking Trojan used by cybercriminals. Over time, modules have been added that allow it to steal the passwords stored in the victims’ software, infect other computers connected to the same botnet, and reuse emails for subsequent spam campaigns.