Cybercrime, AgentTesla payment-themed new campaign

Malware Hunter JAMESWT Technical Analysis

AgentTesla is back with a new payment-themed campaign.

The gz attachment of a fake email about a bank transfer contains an exe file: the malware itself. The stolen data is then exfiltrated via FTP.

AgentTesla, through the keylogger function, is able to acquire everything the user types. Furthermore, it can steal browser emails and credentials and take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating existing ones.
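A mail-gateway style check for the delivery described above (a gz attachment that unpacks to an exe), as an added example that is not from the original article. The sample message, addresses and file names are constructed, and the function names are hypothetical.

```python
import gzip, io, struct, zlib
from email import message_from_bytes
from email.message import EmailMessage

GZIP_MAGIC = b"\x1f\x8b"
MAX_READ = 4096  # bounded read: enough for the DOS and PE headers, no full unpack

def looks_like_pe(data: bytes) -> bool:
    """True if data starts with 'MZ' and e_lfanew (offset 0x3C) points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def gz_exe_attachments(raw_email: bytes) -> list:
    """Return filenames of gzip attachments whose decompressed content is a PE file."""
    hits = []
    for part in message_from_bytes(raw_email).walk():
        if part.get_content_disposition() != "attachment":
            continue
        payload = part.get_payload(decode=True) or b""
        if not payload.startswith(GZIP_MAGIC):
            continue  # decide on magic bytes, not on the file extension
        try:
            with gzip.GzipFile(fileobj=io.BytesIO(payload)) as gz:
                head = gz.read(MAX_READ)
        except (OSError, EOFError, zlib.error):
            continue  # corrupt or truncated stream: nothing to classify
        if looks_like_pe(head):
            hits.append(part.get_filename() or "<unnamed>")
    return hits

# Constructed stand-in for an executable: minimal MZ/PE header bytes only.
FAKE_PE = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00" + b"\x00" * 16

def sample_email(content: bytes, filename: str) -> bytes:
    """Build a constructed payment-themed message carrying gzip(content)."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "victim@example.com"
    m["Subject"] = "Bank transfer copy"
    m.set_content("Please find the transfer copy attached.")
    m.add_attachment(gzip.compress(content), maintype="application",
                     subtype="gzip", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(gz_exe_attachments(sample_email(FAKE_PE, "transfer_copy.gz")))
```
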
