Quote:Cofense Intelligence observed multiple campaigns distributing the modular and extremely dangerous Emotet banking Trojan with the added capability of using stolen email templates to impersonate "major US financial institutions."

The new Emotet strain comes with the added ability of "enabling the theft of up to 16KB of raw emails and threads" either for allowing the Trojan to steal phishing templates, to boost the bad actors' social engineering toolset or for selling the results to any interested party,

Once the emails landed on a target's computer and the Word documents were opened, the hidden malicious macros contained within would download an Emotet sample and automatically execute it to infiltrate the machine. Although quite a versatile banking Trojan on its own, following a successful infection Emotet downloads an additional malware payload, in this case, the IcedID banking Trojan.