
Cybercrime: the mail “STC-PI 07019” hides AgentTesla

Technical analysis by the Malware Hunter JAMESWT

The mail “STC-PI 07019” hides AgentTesla. The gz attachment contains an exe file: the malware itself. The stolen data is exfiltrated via Telegram.

“STC-PI 07019” is the subject of an email that hides AgentTesla.

The gz attachment contains an exe file: the malware itself. The stolen data is then exfiltrated via Telegram.

AgentTesla, through its keylogger function, is able to capture everything the user types. It can also steal browser and email credentials and take screenshots. Finally, it can execute commands remotely on the infected PC, such as downloading additional payloads or updating the ones already installed.

Malware C2
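As an added illustration (not part of JAMESWT's analysis), a Python check that a mail gateway or SOC could run against the two indicators described above: decompress a gz attachment and flag a Windows executable hidden inside, and scan proxy logs for Telegram Bot API calls of the kind used for the exfiltration. The attachment bytes, log lines and bot token below are constructed placeholders, not values from the campaign.

```python
import gzip
import io
import re

# Constructed sample "attachment": a gzip wrapper around a fake PE header
# (MZ stub followed by a PE signature), not a real binary.
FAKE_EXE = b"MZ" + b"\x90" * 62 + b"PE\x00\x00" + b"\x00" * 32
SAMPLE_EXE_GZ = gzip.compress(FAKE_EXE)          # what the malicious mail carries
SAMPLE_TEXT_GZ = gzip.compress(b"quarterly report")  # a benign gz for comparison


def gz_attachment_hides_pe(data: bytes) -> bool:
    """Return True if a gzip attachment decompresses to a Windows PE executable.

    Only the first 64 bytes are inflated, so oversized or decompression-bomb
    attachments do not need to be fully expanded to reach a verdict.
    """
    try:
        with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
            head = gz.read(64)
    except (OSError, EOFError):  # not gzip, or truncated stream
        return False
    return head.startswith(b"MZ")


# Telegram Bot API pattern: https://api.telegram.org/bot<id>:<token>/<method>
TELEGRAM_BOT_RE = re.compile(
    r"https?://api\.telegram\.org/bot\d+:[A-Za-z0-9_-]+/send(Message|Document)"
)

# Constructed proxy log lines; the bot token is a placeholder.
SAMPLE_PROXY_LOG = [
    "10.0.0.5 GET https://www.example.com/index.html 200",
    "10.0.0.5 POST https://api.telegram.org/bot123456789:AAPLACEHOLDERTOKEN/sendDocument 200",
    "10.0.0.7 GET https://api.telegram.org/ 200",
]


def find_telegram_exfil(log_lines):
    """Return the proxy log lines that show a Telegram Bot API send call."""
    return [line for line in log_lines if TELEGRAM_BOT_RE.search(line)]
```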
