Concrete signature match: Trojan - Appears legitimate but performs malicious actions for 32-bit Windows platform, family FormBook
This is a concrete detection for FormBook, a well-known and potent information-stealing trojan. It is designed to harvest sensitive data, including credentials from web browsers and email clients, and to log keystrokes, and it can download and execute additional malware.
No detailed analysis available from definition files.
Immediately isolate the infected machine from the network to prevent further data exfiltration or lateral movement. Run a full antivirus scan to remove the threat. Reset all user passwords stored on or accessed from the machine and consider reimaging the device to ensure complete removal.