Alias Description | Votes |
---|---|
QakBot is a possible alias for Emotet. Qakbot is a potent piece of malware, or malicious software, that infiltrates computer systems through suspicious downloads, emails, or websites. Once installed, it can steal personal information, disrupt operations, or even hold data hostage for ransom. This malware, built by various groups includin | 9 |
IcedID is a possible alias for Emotet. IcedID is a type of malware, malicious software designed to exploit and damage computer systems. It has been identified in association with various other malwares such as Qakbot, BazarLoader, CobaltStrike, Conti, Gozi, Trickbot, Quantum, Emotet, and Pikabot. The IcedID IntBot Loader (int-bot.dll) is | 8 |
Qbot is a possible alias for Emotet. Qbot, also known as Qakbot or Pinkslipbot, is a modular information stealer malware that first emerged in 2007 as a banking trojan. Its evolution has seen it become an advanced strain of malware used by multiple cybercriminal groups to prepare compromised networks for ransomware infestations. The fi | 8 |
Ta542 is a possible alias for Emotet. TA542, also known as Mealybug or Mummy Spider, is a notable threat actor in the cybersecurity landscape that operates the Emotet malware family. Active since 2014, this group has evolved the initial banking Trojan into a sophisticated and profitable malware delivery vehicle. The group's operations a | 4 |
Alias Description | Association Type | Votes |
---|---|---|
The TrickBot Malware is associated with Emotet. TrickBot is a notorious malware that has been used extensively by cybercriminals to exploit and damage computer systems. It operates as a crimeware-as-a-service platform, infecting systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can stea | Unspecified | 13 |
The Ryuk Malware is associated with Emotet. Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves | Unspecified | 6 |
The Dridex Malware is associated with Emotet. Dridex is a notorious malware, specifically a banking Trojan, designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software was primarily used by the Russian cybercriminal group, Evil Corp, founded in 2014. The group ta | Unspecified | 6 |
The Conti Malware is associated with Emotet. Conti is a notorious type of malware, specifically ransomware, that infiltrates computer systems to steal data and disrupt operations. The malicious software often spreads through suspicious downloads, emails, or websites, and once inside, it can hold data hostage for ransom. The Conti ransomware op | Unspecified | 6 |
The Bazarloader Malware is associated with Emotet. BazarLoader is a form of malware that has been utilized extensively by ITG23, a cybercriminal group. This harmful software infiltrates systems via suspicious downloads, emails, or websites, potentially stealing personal information, disrupting operations, or holding data for ransom. ITG23 has used B | Unspecified | 4 |
The Formbook Malware is associated with Emotet. Formbook is a type of malware, malicious software designed to exploit and damage computer systems. It infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Formbook has been linked with other forms o | Unspecified | 3 |
The Dave Loader Malware is associated with Emotet. Dave Loader, also known as Domino Backdoor, is a potent malware that has been utilized in various cybercrime operations. This malicious software is designed to infiltrate computer systems and compromise user data, often without the victim's knowledge. It can be delivered through dubious downloads, e | Unspecified | 2 |
The Darkgate Malware is associated with Emotet. DarkGate is a multifunctional malware known for its capabilities in information and credential stealing, cryptocurrency theft, and ransomware delivery. A recent campaign has seen it exploit a zero-day vulnerability in Microsoft Windows, allowing it to infiltrate systems undetected. DarkGate can be d | Unspecified | 2 |
The Lokibot Malware is associated with Emotet. LokiBot is a malicious software, or malware, that was first reported on October 24, 2020. It is designed to exploit and damage computer systems by infiltrating them through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, LokiBot steals personal information | Unspecified | 2 |
The Agent Tesla Malware is associated with Emotet. Agent Tesla is a well-known malware that primarily targets systems through phishing attacks, exploiting an outdated Microsoft Office vulnerability (CVE-2017-11882). This malicious software is designed to infiltrate computer systems, often without the user's knowledge, and can steal personal informat | Unspecified | 2 |
The Lockbit Malware is associated with Emotet. LockBit is a notorious malware that operates on a ransomware-as-a-service model, which has been responsible for significant cyber attacks across the globe. One of its most high-profile targets was Boeing, from whom the LockBit gang claimed to have stolen data. This incident not only disrupted operat | Unspecified | 2 |
The Hive Malware is associated with Emotet. Hive is a malicious software (malware) known for its ransomware capabilities, which has been highly active in numerous countries, including the US. This malware infects systems often through suspicious downloads, emails, or websites, disrupting operations and stealing personal information. Notably, | Unspecified | 2 |
The Zloader Malware is associated with Emotet. ZLoader is a form of malware, or malicious software, that is designed to exploit and damage computer systems. This harmful program can infiltrate a device through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal inform | Unspecified | 2 |
The Cobaltstrike Malware is associated with Emotet. CobaltStrike is a type of malware, or malicious software, that infiltrates systems to exploit and damage them. It can gain access via suspicious downloads, emails, or websites and then steal personal information, disrupt operations, or hold data for ransom. CobaltStrike has been observed in conjunct | Unspecified | 2 |
The Ursnif Malware is associated with Emotet. Ursnif, also known as Gozi or ISFB, is a type of malware that has been distributed by threat actor group TA551. This harmful software can infiltrate systems via suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or even hold data for ra | Unspecified | 2 |
The Doppelpaymer Malware is associated with Emotet. DoppelPaymer is a type of malware, specifically ransomware, that was initially developed and operated by the GOLD DRAKE threat group under the name BitPaymer. The software was later reworked and renamed to DoppelPaymer by another threat group, GOLD HERON. This malicious software first appeared in mi | Unspecified | 2 |
The Black Basta Malware is associated with Emotet. Black Basta is a notorious malware and ransomware group known for its high-profile attacks on various sectors. The group, also known as Storm-0506, has been active since at least early 2022 and has accumulated over $107 million in Bitcoin ransom payments. It deploys malicious software to exploit vul | Unspecified | 2 |
The Mirai Malware is associated with Emotet. Mirai is a type of malware that specifically targets Internet of Things (IoT) devices to create a botnet, which can then be used for various malicious activities. The Mirai botnet had a significant impact in early 2022, accounting for over 7 million botnet detections globally. However, there was a 9 | Unspecified | 2 |
The GuLoader Malware is associated with Emotet. GuLoader is a potent malware that has been causing significant cybersecurity concerns. It operates by infecting systems through suspicious downloads, emails, or websites and then proceeds to exploit the system, often stealing personal information, disrupting operations, or holding data hostage for r | Unspecified | 2 |
The REvil Malware is associated with Emotet. REvil is a notorious malware, specifically a type of ransomware, that gained prominence in the cybercrime world as part of the Ransomware as a Service (RaaS) model. This model became increasingly popular in 2020, establishing relationships between first-stage malwares and subsequent ransomware attac | Unspecified | 2 |
The malware Emotet, Trickbot is associated with Emotet. | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Mealybug Threat Actor is associated with Emotet. Mealybug, a cybercrime group also known as TA542, has been operating the Emotet malware family since 2014. In recent years, Mealybug has significantly enhanced its malicious activities by updating the Emotet malware to a 64-bit architecture and implementing multiple new obfuscations to protect their | Unspecified | 3 |
The Alphv Threat Actor is associated with Emotet. AlphV, also known as BlackCat, is a notorious threat actor that has been active since November 2021. This group pioneered the public leaks business model and has been associated with various ransomware families, including Akira, LockBit, Play, and Basta. AlphV gained significant attention for its la | Unspecified | 3 |
The MUMMY SPIDER Threat Actor is associated with Emotet. Mummy Spider, a known eCrime group, is recognized for its development of the Emotet malware. This threat actor has been linked to various names such as Gold Crestwood, TA542, and Mealbug, showcasing its extensive reach and influence in cybercrime activities. The cybersecurity industry has identified | Unspecified | 3 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Unit42 | 2 months ago | ||
ESET | 2 months ago | ||
CERT-EU | 10 months ago | ||
BankInfoSecurity | 4 months ago | ||
RIA - Information System Authority | 4 months ago | ||
RIA - Information System Authority | 4 months ago | ||
RIA - Information System Authority | 4 months ago | ||
RIA - Information System Authority | 4 months ago | ||
RIA - Information System Authority | 4 months ago | ||
RIA - Information System Authority | 4 months ago | ||
DARKReading | 4 months ago | ||
BankInfoSecurity | 5 months ago | ||
BankInfoSecurity | 5 months ago | ||
Securelist | 5 months ago | ||
DARKReading | 6 months ago | ||
CERT-EU | 7 months ago | ||
CERT-EU | 7 months ago | ||
CERT-EU | 8 months ago | ||
DARKReading | 9 months ago | ||
CERT-EU | 9 months ago |