Two emails convey as many attachments, theoretically different but in reality the same. They are two loaders that download the malware. One works and the other not.
The uue attachment contains an exe: a loader that downloads the malware and runs it by infecting the machine. Data is stolen via smtp and api telegram.
Three gz attachments carry SnakeKeylogger, AgentTesla, and a Python executable, which should download another payload. In the first two cases, the stolen data is exfiltrated via SMTP.