Agent Tesla's New Ride: The Rise of a Novel Loader [Wednesday, March 27, 2024]

Description:
A new and sophisticated loader has been observed delivering the Agent Tesla infostealer malware using advanced techniques like polymorphism, anti-analysis, and proxy communications to evade detection. The loader is delivered via phishing emails and executes the infostealer payload entirely in memory. Agent Tesla then captures sensitive information and exfiltrates it using compromised email accounts. This novel loader marks an evolution in the tactics used to deploy Agent Tesla and will likely facilitate the distribution of other malware families beyond just Agent Tesla.

Published: 2024-03-27 09:50:01
Created: 2024-03-27 09:50:01
Modified: 2024-03-27 10:07:34

Tags

Indicators

URLs:
Emails:
Malware:
  • Agent Tesla - S0331
Hashes:
MITRE ATT&CK Techniques:

External References

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
