#AgentTesla decrypt and ready to run .dll file Stage2.
#MalwareAnalysis #Reversing #.NetFile
SimpleLogin.dll

AgentTesla Threat Actor(s) hardcoded credentials use the same password formula as enterprise environments 😭

🚨 #Opendir #AgentTesla 🚨 everywhere 🤦‍♂️

http://198.12.81[.139/2020/

🔥CLC.exe ➡️ MD5:977177ff7930860f4f208ebe1fc68675
41/71 VT

🚨 Malicious Excel File Evaded Most of the AV Solutions #AgentTesla 🚨

📌 VT Detection: 4 / 62

🔐 MD5: fbe269e9e59772f738456bf0a165f0fd
🕵️‍♂️ IOCs:
- http[:]//23.95.60.77
- http[:]//bun.is/08c72u

DOCGuard Report: app.docguard.io/cc962c0a4622ba…

Top 10 last week's threats by uploads 🌐

⬆️ #Phishing 1285 (1192)
⬆️ #Agenttesla 226 (208)
⬆️ #Remcos 164 (127)
⬆️ #Asyncrat 116 (80)
⬆️ #Snake 83 (24)
⬆️ #Hijackloader 72 (51)
⬇️ #Xworm 61 (93)
⬆️ #Njrat 50 (49)
⬆️ #Redline 50 (39)
⬇️ #Dbatloader 45 (53)

Track them all at 🔽…

🚨 Alert: This week, CZ 🇨🇿 faces a dual threat: #AgentTesla & #Remcos #malware intensify their assault. 🎯 Targeting businesses, these emails push for quick review & response. Beware of the attachment masquerading as a legitimate order, potentially dangerous! Stay vigilant!

#AgentTesla #IOC

- Archives with .uue extension

RFQ Details.uue
a13c3395d5378e4c23d9c04859bdb910

The Netskope Threat Labs statistics for March 2024 are out!
⛈ OneDrive and SharePoint were the top #cloud apps for #malware downloads
⛈ 59% of all malware downloads came from 235 distinct apps
⛈ Top malware families included AgentTesla and Guloader

netskope.com/blog/netskope-…

In a recent campaign involving the dissemination of the #AgentTesla #malware , perpetrators employed VBA macros in Word documents to conduct a #fileless injection #attack , where the malicious payload is directly loaded into the computer's memory
meterpreter.org/fileless-attac…

🔍 The HYAS Threat Intelligence team unraveled a web of malicious activities around a backdoored IP Scanner tool. Check out the adaptive tactics & overlapping infrastructure in #AgentTesla malware campaigns.
hubs.li/Q02vs8lC0
#MalwareMonday #threatintelligence

#AgentTesla & #Taskun #Malware are targeting both US Education & Government organisations.
#CyberSecurity #infosec #cybercrime
buff.ly/44iK4yI

Low detected #malware #agenttesla
Threat Score: 100/100
Virustotal Detections: 10/67
SHA256: c441e496ea933b0d63f11c1a0c8d38a79cff1759a33b2c9f6a5d03dad902983e

analyze.neiki.dev/reports/c441e4…

Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware: A recent malware campaign used a VBA macro in a Word document to download and execute a 64-bit Rust binary. This binary employs fileless injection techniques to load a malicious… gbhackers.com/clr-hosting-us…

Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware - GBHackers dlvr.it/T68Sb3

Learn more about #agenttesla , get fresh malware analyses and IOCs. any.run/malware-trends…

gbhackers.com/clr-hosting-us…

Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware

itsecuritynews.org/fileless-net-b…

🗣 Hackers Employ Advanced Fileless Attack to Implant AgentTesla Malware
securityonline.info/hackers-employ…

#security #cybernews #cybersecurity #fridaysecurity #linkedin #twitter #telegram

Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware

itsecuritynews.info/fileless-net-b…

Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware Cyber Security News

Learn more: gbhackers.com/clr-hosting-us…

#cybersecuritynews