This family consists of malware that is used for downloading other malware (“bankers”) to a victim’s device. The Emotet malware is distributed mostly by means of phishing email that contains either links to malicious sites, or malicious attachments (PDF or Microsoft Word documents). The PDF documents contain links to malicious sites, and the Microsoft Word documents contain malicious macros and instructions on how to enable these macros.
Geographical distribution of attacks by Trojan-Banker.Win32.Emotet
Geographical distribution of attacks during the period from 12.12.17 – 12.12.18
Top 10 countries with most attacked users (% of total attacks)
*Percentage among all unique Kaspersky Lab users worldwide attacked by this malware