
New malware builder used to deliver updated version of Agent Tesla

Updated on 2022-11-20

The Splunk team has published a report on the Agent Tesla remote access trojan, covering its technical internals and modus operandi. OALABS also has IOCs and detection advice for it. Read more: Inside the Mind of a ‘Rat’ – Agent Tesla Detection and Analysis

Updated on 2022-10-14 Agent Tesla via WSHRAT

Similarly, Uptycs published a report on an email malspam campaign in which a threat actor deployed the Agent Tesla infostealer via the WSHRAT remote access trojan.

Updated on 2022-10-06

Security researchers recently discovered a malware builder being sold on the dark web known as “Quantum Builder.” Attackers are using the new builder to deliver an updated version of the Agent Tesla trojan, which is known for stealing and spying on user interactions and keystrokes. Quantum Builder can create malicious shortcut files, and has previously been linked to the Lazarus Group APT. The attackers in this campaign send a spearphishing email to targets that contains a malicious GZIP attachment that holds a malicious shortcut to execute PowerShell code. Read more:

Overview: Agent Tesla campaign

Zscaler has a report out on a new malspam campaign delivering versions of the Agent Tesla keylogger and infostealer. Read more: Agent Tesla RAT Delivered by Quantum Builder With New TTPs
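The delivery chain in the 2022-10-06 update (a GZIP attachment holding a shortcut that runs PowerShell) can be checked for at the mail gateway. The following is an added example, not code from Zscaler or any of the reports above; the function names, the size cap, and the sample bytes are assumptions made for illustration.

```python
import gzip
import io
import zlib

# Shell Link header (MS-SHLLINK): HeaderSize 0x0000004C followed by the LinkCLSID.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
MAX_UNPACKED = 10 * 1024 * 1024  # assumed triage cap on decompressed bytes


def gzip_member_name(data: bytes):
    """Return the original file name stored in the GZIP header (FNAME), if any."""
    if len(data) < 10 or not data[3] & 0x08:  # too short, or FNAME flag not set
        return None
    pos = 10
    if data[3] & 0x04:  # FEXTRA: 2-byte little-endian length, then that many bytes
        pos += 2 + int.from_bytes(data[pos:pos + 2], "little")
    end = data.find(b"\x00", pos)
    return data[pos:end].decode("latin-1") if end != -1 else None


def triage_attachment(data: bytes) -> dict:
    """Flag a GZIP attachment whose content is a shortcut that references PowerShell."""
    result = {"gzip": False, "lnk": False, "powershell": False, "inner_name": None}
    if not data.startswith(b"\x1f\x8b"):
        return result
    result["gzip"] = True
    result["inner_name"] = gzip_member_name(data)
    try:
        with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
            payload = gz.read(MAX_UNPACKED)
    except (OSError, EOFError, zlib.error):
        return result  # corrupt or truncated archive: report only what the header showed
    result["lnk"] = payload.startswith(LNK_MAGIC)
    lowered = payload.lower()  # bytes.lower() only changes ASCII letters
    hit = b"powershell" in lowered or "powershell".encode("utf-16-le") in lowered
    result["powershell"] = result["lnk"] and hit
    return result


def make_sample(body: bytes, name: str) -> bytes:  # builds a constructed demo attachment
    buf = io.BytesIO()
    with gzip.GzipFile(filename=name, mode="wb", fileobj=buf) as gz:
        gz.write(body)
    return buf.getvalue()


if __name__ == "__main__":
    fake_lnk = LNK_MAGIC + b"\x00" * 56 + "PowerShell.exe -NoProfile".encode("utf-16-le")  # constructed
    print(triage_attachment(make_sample(fake_lnk, "invoice.pdf.lnk")))
```

The string match covers both ASCII and UTF-16LE because shortcut string data can be stored in either encoding; a hit is a triage signal for closer inspection, not a verdict.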

Agent Tesla campaign
