10/05/2019

Malware – Removal – Emotet and TrickBot

Emotet is detected under names including: HPmal/Emotet-C, HPmal/TrikBot-G, Mal/EncPk-AN, HPmal/Crushr-AU, Troj/Inject-DTW, Troj/LnkRun-T

Emotet was originally designed as a banking trojan (stealing online banking credentials) but has evolved into a modular threat that sends its own spam campaigns and downloads other malware onto the machines it infects.

Emotet is also a downloader (a loader for other malware). Traditionally its payloads have mostly been banking Trojans, with TrickBot the most prevalent; others have included Qbot, Dridex and IcedID. Emotet infections have also been linked to BitPaymer, a very dangerous targeted ransomware family. For that reason an Emotet detection should be treated as an incident rather than a routine clean-up: by the time it is noticed, a second-stage payload may already be on the network.

For more information on this botnet, and mitigation strategies, please see:

  1. US-CERT
  2. Malwarebytes Emotet introduction
  3. Emotet removal (Sophos)
  4. Emotet removal (Malwarebytes)

Norton Power Eraser is a free tool that does not require installation: download it and run it. One of our team has tested it against Zeus, Ice IX, Citadel, ZeroAccess and Cutwail, and it detected and cleaned up the system in each case. It is likely to work against many other infections as well.

If Microsoft Windows Defender is available to you, use it: check that real-time protection is still switched on, update the signatures and run a full scan.
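The Defender check above, as an added PowerShell example (not code from the emPSN page). It assumes Windows 10 or Windows Server 2016 or later with the built-in Defender PowerShell module, run from an elevated (Administrator) session, and uses only the standard Defender cmdlets: Get-MpComputerStatus, Set-MpPreference, Update-MpSignature, Start-MpScan, Get-MpThreatDetection and Get-MpThreat.

```powershell
# Added example, not from the emPSN page: verify Microsoft Defender Antivirus state,
# refresh signatures, run a full scan and list what it found.
# Assumes Windows 10 / Server 2016+ with the Defender module, run as Administrator.

$status = Get-MpComputerStatus
if (-not $status.AntivirusEnabled) {
    throw "Defender Antivirus is not enabled on this host (a third-party AV may be registered instead)."
}

# TrickBot, the most common Emotet payload, is known to switch off Defender's
# real-time protection; turn it back on if it has been disabled.
if (-not $status.RealTimeProtectionEnabled) {
    Write-Warning "Real-time protection was disabled - re-enabling."
    Set-MpPreference -DisableRealtimeMonitoring $false
}

# Emotet builds are repacked frequently, so stale signatures will miss current samples.
Write-Host ("Signatures last updated: {0}" -f $status.AntivirusSignatureLastUpdated)
Update-MpSignature -ErrorAction Stop

# Full scan blocks until it completes and can take a long time;
# use -ScanType QuickScan for a first pass on a suspect machine.
Start-MpScan -ScanType FullScan

# Detections, most recent first: which process triggered it and which files/registry keys were involved.
Get-MpThreatDetection |
    Sort-Object InitialDetectionTime -Descending |
    Select-Object InitialDetectionTime, ThreatID, ProcessName,
                  @{ Name = 'Resources'; Expression = { $_.Resources -join '; ' } } |
    Format-Table -AutoSize

# Map the numeric ThreatIDs above to Defender threat names and severities.
Get-MpThreat | Select-Object ThreatID, ThreatName, SeverityID | Format-Table -AutoSize
```

If Set-MpPreference is refused, Tamper Protection is active and real-time protection must be re-enabled from the Windows Security app or the Microsoft Defender portal instead; an infected host whose protection was silently switched off should in any case be isolated from the network before the scan rather than after.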


**NEW to emPSN September 2019** Free Use of Malwarebytes cloud console – https://www.empsn.org.uk/malwarebytes/
