Command and control (C2) servers for Emotet botnet appear to have resumed activity and deliver binaries once more. This comes after being inert since the beginning of June. Cofense Labs noticed that the C2 servers began delivering responses to POST requests around 3PM EST on August 21. The reason is that they need time to rebuild the botnet, clean it of bots from security researchers, and prepare the spam campaigns. MalwareTech also noticed activity from multiple geographical locations, including Brazil, Mexico, Germany, Japan, and the U.S.
Source: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/