skip to Main Content

Cybercrime, fake DHL booking carries a new Formbook campaign

Tecnica analysis by the Malware Hunter JAMESWT

Fake DHL booking carries a new Formbook campaign. The email .xz attachment contains an exe file disguised as a pdf, the malware itself. This, if opened, activates the infection

A fake DHL email conveys the latest global Formbook campaign.

The bait is the booking of an expedition. The .xz attachment contains an exe file disguised as a pdf, the malware itself.

This, if open, activates the chain of infection. The goal of cybercrime is to steal sensitive data from victims. FormBook, in fact, through the keylogger function, is able to acquire everything the user types. It can also steal email and browser credentials as well as take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating those present.

Malware C2

Back To Top