
Cybercrime, “Re: Fw: Urgent Inquiry” spreads AgentTesla

Technical analysis by the Malware Hunter JAMESWT


“Re: Fw: Urgent Inquiry” is the subject line of an email spreading a new AgentTesla campaign.

The IMG attachment contains an EXE file: the malware. Stolen data is exfiltrated via SMTP to an email address.

Through its keylogger function, AgentTesla can capture everything the user types. It can also steal email and browser credentials and take screenshots. Finally, it lets its operators remotely issue commands to the infected PC, such as downloading additional payloads or updating existing ones.
