FormBook Malware Distributed via Horus Protector Using Word Docs

(520) 462-0516

FormBook Malware Distributed via Horus Protector Using Word Docs

Forcepoint X-Labs researchers have identified a phishing campaign where attackers distribute the FormBook information-stealing malware using Horus Protector, a malware distribution service designed to evade detection. The campaign employs malicious Microsoft Word documents that exploit the CVE-2017-11882 vulnerability in the Equation Editor. Author: AlienVault

Related Tags:
T1566.001

Formbook

CVE-2017-11882

maldoc

T1071.001

T1203

T1112

T1005

T1027

Associated Indicators:
76E1DCF43D423B12BB11B59F25BA62E0597A9FD4A6E5464A882373169FD934B2

13D970AB6DFE2D757396E640CAF7D009AF1ECCA6

78E6AF67A63DD355F78AB168F343777DB0FB67E2

3D95740CC2FA753A341CCCB0B831379E4F15BEB3

65A1EFAEC29D8501A4BD2AE3AB059B0A8CC0053F

9FF5AAB9A37C48D798BA88DA195E0B1BEC2B752D

C8DF1122B0ECAD87C0EBE17B29241130D359830C

30D9962EB190827860348D69016FF8756B79CD1A

D987081A9DC3C84879D47277F9A203D5AE5560E0

Threat Intel Solutions

FormBook Malware Distributed via Horus Protector Using Word Docs

Search

Popular Posts

Dangerous runC flaws could allow hackers to escape Docker containers

Lost iPhone? Don’t fall for phishing texts saying it was found

NAKIVO Introduces v11.1 with Upgraded Disaster Recovery and MSP Features

Categories

Pages

Archives

Tags

Follow Us