A zip attachment contains an img with an exe: the malware. The other, a PDF that downloads a zip with an exe: the same malware. The data is exfiltrated via SMTP.
Cybercrime, AgentTesla campaign via fake DHL email
AgentTesla campaign via fake DHL email. The z attachment contains an exe file: the malware. The campaign, however, uses a different C2 from the others currently using the courier as bait.
A fake DHL receipt is the lure for a new AgentTesla campaign. The z attachment contains an exe file: the malware. The campaign differs from the other courier-themed ones circulating these days, as it doesn't use the same C2s.
Through its keylogger function, AgentTesla can capture everything the user types. It can also steal emails and browser credentials and take screenshots. Finally, it allows commands to be issued remotely to the infected PC, such as downloading additional payloads or updating existing ones.