A new TrickBot variant shows that the malware is continuing to swap out new anti-analysis and persistence tactics. The malware has evolved to send spam to victim email lists, adopt new detection evasion methods and act as a delivery vehicle for other malware, such as Emotet. Researchers discovered the latest variant in a malicious Word document, which they believe is part of a phishing campaign. The payload downloads modules from its Command and Control (C2) server, and loads and executes them.
Source: https://threatpost.com/new-trickbot-variant-updates-anti-analysis-tricks/153616/