FormBook

GPTKB entity

Statements (33)
Predicate Object
gptkbp:instanceOf malware
gptkbp:availableOn malware-as-a-service
gptkbp:canBeCaptured screenshots
clipboard data
keystrokes
gptkbp:canDownload additional payloads
gptkbp:canInject code into processes
gptkbp:canSteal FTP credentials
browser credentials
email credentials
other application credentials
gptkbp:connectsTo cybercrime
espionage
phishing campaigns
financial theft
gptkbp:detects gptkb:security
gptkbp:distributedBy exploit kits
malspam
gptkbp:firstObserved 2016
https://www.w3.org/2000/01/rdf-schema#label FormBook
gptkbp:isObfuscatedBy encryption
anti-analysis techniques
packers
gptkbp:isSoldOn underground forums
gptkbp:platform gptkb:Windows
gptkbp:successor XLoader
gptkbp:type gptkb:keyboard
information stealer
gptkbp:usedFor data exfiltration
credential theft
form grabbing
gptkbp:bfsParent gptkb:AgentTesla
gptkbp:bfsLayer 7