Cybercrime, new Inquiry-themed AgentTesla campaign

AgentTesla hides in a new Inquiry-themed campaign.
The “PO#-DSC_0000778” attachment of the “Inquiry/Steel Braided 8 mm Wire materials” email contains a jpg file and an exe: the malware. The stolen data is exfiltrated via SMTP to an email address.
Through its keylogger function, AgentTesla can capture everything the user types. It can also steal emails and browser credentials and take screenshots. Finally, it allows commands to be issued remotely to the infected PC, such as downloading additional payloads or updating existing ones.
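A mail-gateway triage check for the attachment layout described above (an archive holding an image next to an executable), as an added example that is not part of the original article. It assumes the attachment is a ZIP archive, which the article does not state; the file names and the sample message are constructed, and members are judged by their leading bytes rather than their extension.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage


def pe_members(archive_bytes):
    """Names of ZIP members whose first two bytes are the PE/DOS magic 'MZ'."""
    flagged = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            with zf.open(info) as member:
                if member.read(2) == b"MZ":
                    flagged.append(info.filename)
    return flagged


def scan_message(raw_message):
    """Map each ZIP attachment name to the executable members found in it."""
    findings = {}
    for part in message_from_bytes(raw_message).walk():
        name = part.get_filename()
        payload = part.get_payload(decode=True)
        if not name or not payload:
            continue  # multipart containers and inline body parts
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue  # assumption: only ZIP attachments are handled here
        hits = pe_members(payload)
        if hits:
            findings[name] = hits
    return findings


def build_sample():
    """Constructed message with harmless stub bytes, not a real sample."""
    archive = io.BytesIO()
    with zipfile.ZipFile(archive, "w") as zf:
        zf.writestr("image.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)
        zf.writestr("order.exe", b"MZ" + b"\x00" * 62)
    msg = EmailMessage()
    msg["Subject"] = "constructed test message"
    msg.set_content("See attached.")
    msg.add_attachment(archive.getvalue(), maintype="application",
                       subtype="zip", filename="sample-attachment.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    print(scan_message(build_sample()))
```

Password-protected archives are not handled: `zipfile` raises `RuntimeError` when a member is encrypted, and a gateway would typically quarantine such attachments for manual review.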