Alias Description | Votes |
---|---|
GuLoader is a possible alias for Formbook. GuLoader is a potent malware that has been causing significant cybersecurity concerns. It operates by infecting systems through suspicious downloads, emails, or websites and then proceeds to exploit the system, often stealing personal information, disrupting operations, or holding data hostage for r | 4 |
Jinxloader is a possible alias for Formbook. JinxLoader is a malicious software (malware) that has been identified by cybersecurity experts as a potent threat to computer systems and devices. As a loader malware, its primary function is to infiltrate systems and subsequently download and install additional harmful software. In this case, JinxL | 2 |
Amadey is a possible alias for Formbook. Amadey is a form of malware, a malicious software designed to exploit and damage computer systems. This particular malware is distributed via the Amadey loader, which can be disseminated through phishing emails or downloads from compromised sites. It has been observed that the individual behind the | 2 |
Malvirt is a possible alias for Formbook. MalVirt is a malicious software (malware) that has been observed to be distributed through malvertising attacks, using virtualized .NET malware loaders. The malware infects systems via suspicious downloads, emails, or websites, and once inside, it can disrupt operations, steal personal information, | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Lokibot Malware is associated with Formbook. LokiBot is a malicious software, or malware, that was first reported on October 24, 2020. It is designed to exploit and damage computer systems by infiltrating them through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, LokiBot steals personal information | Unspecified | 6 |
The Agent Tesla Malware is associated with Formbook. Agent Tesla is a well-known malware that primarily targets systems through phishing attacks, exploiting an outdated Microsoft Office vulnerability (CVE-2017-11882). This malicious software is designed to infiltrate computer systems, often without the user's knowledge, and can steal personal informat | Unspecified | 5 |
The Agenttesla Malware is associated with Formbook. AgentTesla is a well-known remote access trojan (RAT) that has been used extensively in cybercrime operations. It infiltrates systems through various methods, including malicious emails and suspicious downloads. Once inside, it can steal personal information, disrupt operations, or hold data hostage | Unspecified | 3 |
The Emotet Malware is associated with Formbook. Emotet is a particularly dangerous and insidious type of malware that has reemerged as a significant threat. This malicious software, which infects systems through suspicious downloads, emails, or websites, can steal personal information, disrupt operations, or even hold data for ransom. Emotet-infe | Unspecified | 3 |
The Qbot Malware is associated with Formbook. Qbot, also known as Qakbot or Pinkslipbot, is a modular information stealer malware that first emerged in 2007 as a banking trojan. Its evolution has seen it become an advanced strain of malware used by multiple cybercriminal groups to prepare compromised networks for ransomware infestations. The fi | Unspecified | 3 |
The REvil Malware is associated with Formbook. REvil is a notorious malware, specifically a type of ransomware, that gained prominence in the cybercrime world as part of the Ransomware as a Service (RaaS) model. This model became increasingly popular in 2020, establishing relationships between first-stage malware and subsequent ransomware attac | Unspecified | 2 |
The Raccoon Malware is associated with Formbook. Raccoon is a malicious software (malware) developed by Russian-speaking coders, first spotted in April 2019. It was designed to steal sensitive data such as credit card information, email credentials, cryptocurrency wallets, and more from its victims. The malware is offered as a service (MaaS) for $ | Unspecified | 2 |
The Azorult Malware is associated with Formbook. Azorult is a type of malware, or malicious software, that infiltrates systems to exploit and damage them, often without the user's knowledge. It has historically been one of the favored infostealers sold on the marketplace 2easy, alongside RedLine, Raccoon, Vidar, and Taurus. However, as of late Feb | Unspecified | 2 |
The NETWIRE Malware is associated with Formbook. NetWire is a type of malware, specifically a remote access trojan (RAT), that has been utilized for various malicious activities since at least 2014. Initially promoted as a legitimate tool for managing Windows computers remotely, NetWire was quickly adopted by cybercriminals and used in phishing at | Unspecified | 2 |
The Redline Malware is associated with Formbook. RedLine is a type of malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, RedLine can steal personal information, disrupt operations, or deliver further | Unspecified | 2 |
The Rescoms Malware is associated with Formbook. Rescoms, also known as Remcos, is a remote access trojan (RAT) malware designed to exploit and damage computer systems by stealing sensitive information. It was primarily used in significant phishing campaigns across Central and Eastern Europe during the second half of 2023. These campaigns utilized | Unspecified | 2 |
The Dotrunpex Malware is associated with Formbook. DotRunpeX is a rapidly evolving and highly stealthy .NET injector malware that has gained significant attention from both security analysts and threat actors. It employs the "Process Hollowing" method to distribute a wide variety of other malware strains, including AgentTesla, ArrowRAT, AsyncRat, Av | Unspecified | 2 |
The malware Avemaria/warzonerat is associated with Formbook. | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The CVE-2017-11882 Vulnerability is associated with Formbook. CVE-2017-11882 is a significant software vulnerability, specifically a flaw in the design or implementation of Microsoft's Equation Editor. This vulnerability has been exploited by various threat actors to create malicious RTF files, most notably by Chinese state-sponsored groups using the "Royal Ro | Unspecified | 4 |