Cybercrime, new zgRAT campaign via AgentTesla and fake offer list

Technical analysis by the Malware Hunter JAMESWT

New zgRAT campaign via AgentTesla and fake offer list. The RAR attachment contains an EXE file: the first malware, which downloads the second payload.

Through its keylogger function, AgentTesla can capture everything the user types. It can also steal emails and browser credentials and take screenshots. Finally, it lets its operators remotely issue commands to the infected PC, such as downloading additional payloads or updating existing ones.
