Emotet
This malware was first identified by security researchers in 2014 as a simple banking trojan. Later versions of the malware evolved and included the addition of malware delivery services, including the ability to install other banking trojans.In August 2017, Emotet was connected to another banking trojan, Dridex—Emotet “dropped” Dridex as an additional payload. The technique of using one piece of malware to drop another is not new, but it is significant to see banking trojans “working together.” As of September 2018, Emotet was utilizing the EternalBlue Windows vulnerability (first seen with the WannaCry ransomware) in order to propagate.This powerful vulnerability has had a patch out, however, there are still devices out there that haven’t yet patched against the SMB (file sharing) vulnerability. Emotet is not a continually running malware; it tends to run through geographically centered campaigns, yet its techniques are constantly evolving and it continues to be dangerous.