skip to Main Content

Cybercrime, fake products order from Australia conveys Agent Tesla

Technical analysis by the Malware Hunter JAMESWT

False products order from Australia conveys Agent Tesla. The mail zip attachment contains an exe, which triggers the malware infection. This steals the data and exfilters it via SMTP

A fake product order from Australia conveys Agent Tesla’s new global campaign. The email compressed attachment in zip format contains an exe file.

This, if opened, triggers the malware infection. Once inside the machine, it steals information which it then exfilters via SMTP.

Agent Tesla, in fact, through the keylogger function, is able to acquire everything the user types. Furthermore, it can steal browser emails and credentials and take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating existing ones.

Back To Top