Emotet is a highly successful and difficult to pin down polymorphic and modular malware campaign. Generating over 1 million malicious e-mails a day, the growth of this threat is predicted to continue

Discuss some more about this emotet whitepaper

Stay tuned for our whitepaper discussing a machine learning approach to identifing Emotet:

Checkout a Sample Set of Emotet!
Latest InQuest™ Blog Posts

Adobe XMP: Tales of an Overlooked Anchor

Posted on 2019-09-20 by Pedram Amini

In this blog, we discuss Adobe Extensible Metadata Platform (XMP) identifiers and how they can be used as both pivot and detection anchors. Defined as a standard for mapping graphical asset relationships, XMP allows for tracking of both parent-child relationships and individual revisions.

Read more

Robs Blog

Posted on 2019-08-30 by Rob King

InQuest labs tool

Read more
InQuest™ Labs Research Spotlight


Zero Width Shortener (abbreviated as ZWS) is a URL shortener that shortens URLs using spaces that have zero width, making them invisible to humans.

Read more


Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).

Read more


Invoke-Obfuscation is a PowerShell v2.0+ compatible PowerShell command and script obfuscator.

Read more
Global Security Events

Emotet, today's most dangerous botnet, comes back to life

Emotet, one of today's largest and most dangerous malware botnets, has returned to life after a period of inactivity that lasted nearly four months, since the end of May this year.

Read more

Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups

The U.S. Department of the Treasury’s Office of Foreign Assets Control announced sanctions targeting three North Korean state-sponsored malicious cyber groups responsible for North Korea’s malicious cyber activity on critical infrastructure.

Read more

Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks

A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers.

Read more
InQuest™ Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here.
Copyright © InQuest™ 2019