AgentTesla Malware: A Deep Dive
AgentTesla is malware that first surfaced in 2014 and has been causing trouble ever since. In this report, our threat research team takes a deep dive into AgentTesla, explaining how it gets in, how it moves across your network, and how you can watch out for it.
The sample analyzed for this report (qtz.exe), chosen from the list of the most common recent malware in email detections for Fidelis customers, has the AgentTesla payload packed using three successive stages. The modular nature of the unpacking stages, the different techniques employed in each stage, and several configurable fields found within the AgentTesla payload suggest that the analyzed sample originated from a Malware-as-a-Service (MaaS) provider and is highly customizable.
Download the complete report to learn how AgentTesla operates and how your organization can avoid coming face to face with AgentTesla.