
Cybercrime, three malware spread in a single compressed document

Technical analysis by the Malware Hunter JAMESWT

Three malware families have been spread by cybercrime in a single document, probably an email attachment. They are HawkEye, Matiex and Agent Tesla, hidden in a .7z archive. It contains four exe files, disguised as pdf.

A huge bunch of malware is being spread through a single document about a fake shipment, probably an email attachment. Cybercrime actors put together HawkEye, Matiex and Agent Tesla, hidden as pdf files inside a .7z archive protected by a password (usually written in the message). If the victim unpacks it, four exe files are downloaded. Those, if opened, start the infection chain. One contains HawkEye, another Matiex, and the last two Agent Tesla. The aim is to steal sensitive data from the targets. All of the malicious codes are keyloggers and info stealers.

The four exe files disguised as pdf in the attachment

The confirmation of the malware families
