Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Deep Analysis: FormBook New Variant Delivered in Phishing Campaign – Part III
Malware and Vulnerabilities
April 28, 2021
Fortinet
When FormBook starts in a target process, it loads an ntdll.dll module and then overrides its data with the deployed FormBook malware. This disguises FormBook as an ntdll.dll module when it runs.
Read More
FormBook
Information stealer
Sensitive Information
Phishing campaign
inline hooks
Publisher
Previous
Secrets management and authentication platform Akeyless ...
Companies to Watch
Next
An Analysis of VB6 P-Code Obfuscation
Threat Actors
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_234717916.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/e62e_shutterstock_530554663.jpg)
