| ID | X0028 |
| Aliases | Geodo |
| Platforms | Windows |
| Year | 2018 |
| Associated ATT&CK Software | None |
Emotet is a banking trojan. [1]
| Name | Use |
|---|---|
| Executable Code Obfuscation | Emotet macros are heavily obfuscated with junk functions and string substitutions. [2] |
[1] https://cofense.com/dark-realm-shifting-ways-geodo-malware
[2] https://cofense.com/recent-geodo-malware-campaigns-feature-heavily-obfuscated-macros/