skip to Main Content

Cybercrime, a fake email from an energy company spreads Formbook

Technical analysis by the Malware Hunter JAMESWT

A fake email from an energy company spreads Formbook. The message ACE attachment contains an executable file: the malware itself

“A:. PO-9950647-NP-VSD // Request for PFI P21381 “is the subject of a false email from an energy company, which conveys a new Formbook campaign.

The ACE attachment contains an exe file: the malware itself. Objective: to steal sensitive data from victims. Formbook, in fact, through the keylogger function, is able to acquire everything the user types. It can also steal email and browser credentials, as well as take screenshots. Finally, it has ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating existing ones.

Malware C2

Back To Top