Malware Hunter JAMESWT Technical Analysis
AgentTesla arrives via a fake HSBC payment notice. The ACE attachment contains an EXE file: the malware itself. The stolen data is then exfiltrated via SMTP.
A fake payment notice from HSBC is the lure of a new global AgentTesla campaign.
AgentTesla, through its keylogger function, can capture everything the user types. It can also steal browser and email credentials and take screenshots. Finally, it can execute commands issued remotely on the infected PC, such as downloading additional payloads or updating existing ones.
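A mail-gateway check for the delivery vector described above, as an added example that is not part of the original analysis: it flags attachments that are ACE archives by file signature, including ones renamed to another extension. The file names, addresses and sample message are constructed for illustration; the `**ACE**` signature at byte offset 7 is the ACE format's own.

```python
import email
from email import policy
from email.message import EmailMessage

ACE_MAGIC = b"**ACE**"  # ACE archive signature
ACE_MAGIC_OFFSET = 7    # the signature sits 7 bytes into the file

def is_ace(data: bytes) -> bool:
    end = ACE_MAGIC_OFFSET + len(ACE_MAGIC)
    return data[ACE_MAGIC_OFFSET:end] == ACE_MAGIC

def find_ace_attachments(raw_message: bytes) -> list:
    """Return one finding per attachment that is, or claims to be, an ACE archive."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        by_magic = is_ace(data)
        by_ext = name.lower().endswith(".ace")
        if by_magic and not by_ext:
            reason = "ACE content under a different extension"
        elif by_magic:
            reason = "ACE archive"
        elif by_ext:
            reason = ".ace extension without ACE signature"
        else:
            continue  # not ACE by content or by name
        findings.append({"filename": name, "reason": reason})
    return findings

def build_sample() -> bytes:
    """Constructed message: filler bytes carrying the signature, not a real archive."""
    fake_ace = b"\x00" * ACE_MAGIC_OFFSET + ACE_MAGIC + b"\x00" * 32
    msg = EmailMessage()
    msg["Subject"] = "Payment notice"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("Please see the attached payment notice.")
    for fname, data in [("payment_notice.ace", fake_ace),
                        ("payment_notice.pdf", fake_ace),
                        ("notes.txt", b"hello, plain text here")]:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in find_ace_attachments(build_sample()):
        print(finding)
```

Matching on the signature rather than the file name matters because an extension-only block list misses an archive that has simply been renamed.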