Emotet Leads To Quantum Ransomware Infection

November 30, 2022

Threat actors were observed using Emotet to gain access to the victim's network and deploy Quantum ransomware to devices on the domain. Various tools were used for lateral movement, data exfiltration, and remote access including Cobalt Strike, Rclone, Tactical RMM, and AnyDesk. Legitimate Windows tools such as systeminfo, ping, net, nltest, and whoami were used for local and remote discovery.
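
Each discovery tool listed above is routine on its own, so a defender usually alerts on several of them starting on one host within a short window. The sketch below is an added example, not part of the original report: it runs that check over constructed process-creation events, and the event layout, host names, window and threshold are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Image names of the Windows discovery tools named in the report.
DISCOVERY = {"systeminfo.exe", "ping.exe", "net.exe", "nltest.exe", "whoami.exe"}
# Dual-use tools named in the report, by default image name (assumption:
# a renamed copy would not match and needs hash or signer matching instead).
DUAL_USE = {"rclone.exe", "anydesk.exe"}

# Constructed sample process-creation events: (timestamp, host, image name).
SAMPLE_EVENTS = [
    ("2022-01-10T09:00:05", "WS01", "whoami.exe"),
    ("2022-01-10T09:00:40", "WS01", "nltest.exe"),
    ("2022-01-10T09:01:10", "WS01", "net.exe"),
    ("2022-01-10T09:02:30", "WS01", "systeminfo.exe"),
    ("2022-01-10T09:30:00", "WS01", "rclone.exe"),
    ("2022-01-10T10:00:00", "WS02", "ping.exe"),
    ("2022-01-10T13:00:00", "WS02", "whoami.exe"),
    ("2022-01-10T16:00:00", "WS02", "net.exe"),
]

def _by_host(events, names):
    """Group events whose image is in `names` per host, sorted by time."""
    hosts = defaultdict(list)
    for ts, host, image in events:
        if image.lower() in names:
            hosts[host].append((datetime.fromisoformat(ts), image.lower()))
    return {h: sorted(v) for h, v in hosts.items()}

def discovery_bursts(events, window_s=300, min_distinct=3):
    """Return {host: sorted tools} for hosts where at least `min_distinct`
    different discovery tools started within `window_s` seconds."""
    hits = {}
    for host, runs in _by_host(events, DISCOVERY).items():
        for i, (start, _) in enumerate(runs):
            end = start + timedelta(seconds=window_s)
            seen = {img for t, img in runs[i:] if t <= end}
            if len(seen) >= min_distinct and len(seen) > len(hits.get(host, [])):
                hits[host] = sorted(seen)
    return hits

def dual_use_hosts(events):
    """Return {host: sorted dual-use tools seen}, for review against inventory."""
    return {h: sorted({img for _, img in v})
            for h, v in _by_host(events, DUAL_USE).items()}

if __name__ == "__main__":
    print(discovery_bursts(SAMPLE_EVENTS))
    print(dual_use_hosts(SAMPLE_EVENTS))
```

On the sample data WS01 is flagged for a four-tool burst while WS02, which runs the same tools hours apart, is not.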