Emotet malware

GPTKB entity

Statements (41)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | malware |
| gptkbp:alsoKnownAs | gptkb:Geodo |
| | gptkb:Heodo |
| gptkbp:associatedWith | gptkb:TA542_threat_group |
| gptkbp:cause | data theft |
| | financial loss |
| | network disruption |
| gptkbp:commanded | remote servers |
| gptkbp:countryOfOrigin | unknown |
| gptkbp:deliveredBy | gptkb:QakBot |
| | gptkb:Ryuk_ransomware |
| | gptkb:TrickBot |
| gptkbp:detects | gptkb:security |
| gptkbp:discoveredBy | 2014 |
| https://www.w3.org/2000/01/rdf-schema#label | Emotet malware |
| gptkbp:laterEvolvedTo | malware delivery platform |
| gptkbp:notableFor | global impact |
| | modular architecture |
| | persistence mechanisms |
| | network propagation |
| | high infection rates |
| | use of stolen email threads |
| gptkbp:originallyDevelopedAs | malware |
| gptkbp:resurfaced | November 2021 |
| gptkbp:spreadTo | malicious email attachments |
| | malicious email links |
| gptkbp:takedownBy | international law enforcement |
| gptkbp:takedownDate | January 2021 |
| gptkbp:target | gptkb:Windows_operating_systems |
| gptkbp:targetedOrganizations | gptkb:government_agency |
| | private companies |
| | individual users |
| gptkbp:uses | PowerShell scripts |
| | encrypted communication |
| | malicious macros |
| | malspam campaigns |
| | DLL files |
| | polymorphic code |
| gptkbp:bfsParent | gptkb:Trickbot |
| | gptkb:TrickBot |
| gptkbp:bfsLayer | 6 |