Blog @ PolyCat's Web Space

My first phishing email

What I got

Some time ago I got my first phishing email and decided to document it. Here’s the email I received. I know, very convincing :33

Screenshot of the email

The Malware

Just your bog-standard bot email. But attached to it was a little treat named ENQ1825.txz. So I went over to tria.ge, fired up a VM and got back a nice 10 out of 10 danger level. That’s some malware, alright.

Apparently it’s a Trojan, Spyware, RAT and an Infostealer.

More specifically, it’s from the Formbook family, and from what I could find on Malpedia, it’s mainly an Infostealer.

For any of y’all interested in the details, here’s a big-ass screenshot of the report: https://drive.proton.me/urls/335X5PGP8C#9vaGICUu1SRV

Conclusion

I got the usual spam mail and wanted to share what kind of malware I got.

#Cyber-Security #Phishing