Handler on Duty: Didier Stevens
Threat Level: green
| Date | Author | Title |
|---|---|---|
| 2024-05-27 | Jan Kopriva | Files with TXZ extension used as malspam attachments |
| 2023-07-12 | Brad Duncan | Loader activity for Formbook "QM18" |
| 2023-06-17 | Brad Duncan | Formbook from Possible ModiLoader (DBatLoader) |
| 2022-10-22 | Didier Stevens | rtfdump's Find Option |
| 2021-11-19 | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL) |
| 2020-11-19 | Xavier Mertens | PowerShell Dropper Delivering Formbook |
| 2020-07-10 | Brad Duncan | Excel spreasheet macro kicks off Formbook infection |
| 2019-11-06 | Brad Duncan | More malspam pushing Formbook |
| 2017-10-03 | Brad Duncan | Malspam pushing Formbook info stealer |
