Cybercrime, AgentTesla spread from a fake metal order from Italy
The R00 attachment contains an exe: the malware itself. Stolen data is exfiltrated through the Telegram API.

Cybercrime, ArcelorMittal lure for an AgentTesla campaign

The executable in the attachment creates and saves two files in the Windows temp folder: the malware itself. The files are exfiltrated via FTP.
Cybercrime, “Purchase Order No. PO-109688” mail conveys AgentTesla


Technical analysis by the Malware Hunter JAMESWT. “Purchase Order No. PO-109688” mail conveys AgentTesla. The exe in the email XZ attachment downloads other components and starts the malware infection. Data is exfiltrated via FTP. “Purchase Order No. PO-109688” is the…
