Handler on Duty: Didier Stevens
Threat Level: green
Date | Author | Title |
---|---|---|
2024-05-27 | Jan Kopriva | Files with TXZ extension used as malspam attachments |
2023-07-12 | Brad Duncan | Loader activity for Formbook "QM18" |
2023-06-17 | Brad Duncan | Formbook from Possible ModiLoader (DBatLoader) |
2022-10-22 | Didier Stevens | rtfdump's Find Option |
2021-11-19 | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL) |
2020-11-19 | Xavier Mertens | PowerShell Dropper Delivering Formbook |
2020-07-10 | Brad Duncan | Excel spreasheet macro kicks off Formbook infection |
2019-11-06 | Brad Duncan | More malspam pushing Formbook |
2017-10-03 | Brad Duncan | Malspam pushing Formbook info stealer |