It asks to open a link to revise an agreement. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
Technical Analysis by the Malware Hunter JAMESWT
“Payment Advice for Outstanding Invoices” conveys Formbook. The email gz attachment contains an exe file: the malware itself. Objective: to steal information from the victim
The email with the subject “Payment Advice for Outstanding Invoices” distributes a new Formbook campaign.
The Gz attachment contains an exe file: the malware itself. Objective: to steal sensitive data from victims. Formbook, in fact, through the keylogger function, is able to acquire everything the user types. It can also steal email and browser credentials, as well as take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating those present.