Detecting Emotet using Windows Event Logs


Emotet is a trojan malware that steals sensitive information. Many companies are concerned that their users will get infected by this malware and might leak sensitive information.

A customer I’m currently helping with their Security Operations Center (SOC) asked me how they can detect Emotet in their environment.

Here’s what I came up with – maybe it helps you detect Emotet or similar malware in your environment, too!