More AgentTesla keylogger info-stealer campaigns hitting UK

We are still seeing continuous AgentTesla keylogger / Info-Stealer campaigns hitting the UK. We still aren’t seeing a lot of other malware at the moment. I have received about 20 different versions over the last week that have all been nothing spe…

More AgentTesla keylogger and Nanocore RAT in one bundle

We are seeing a continuation of even more AgentTesla malspam campaigns again this morning. However, today’s is somewhat different to usual and also delivers a Nanocore RAT. Actually the Nanocore RAT is downloading the AgentTesla keylogger. And af…

More AgentTesla keylogger as fileless malware.

We are seeing a continuation of the new style AgentTesla malspam campaign again this morning. This is still using a multistage downloader eventually resulting in the AgentTesla keylogger / infostealer being run on the victim’s computer as a filel…

AgentTesla keylogger as fileless malware.

I am seeing a somewhat different to usual AgentTesla malspam campaign this morning. This is using a multistage downloader eventually resulting in the AgentTesla keylogger / infostealer being run on the victim’s computer as a fileless malware. It …

Fake order delivering AveMaria stealer with difficult office doc.

I had a bit of a problem trying to analyse this malware today. The Word doc looks pretty average at first glance, but trying to run it in Anyrun on a W7 32 or 64 bit version of Windows gave me VBA errors. It also wouldn’t run on 64 bit version…

Fake order confirmation for refurbished Samsung TV delivers Malware

I have a bit of a strange one here from yesterday evening. I received a couple of different copies of this email, both coming from the same server and IP number but with different alleged senders. I am not exactly sure what it is, although some detect…

Ave Maria infostealer keylogger via Fake Invoice order confirmation

Ave Maria info stealer & keylogger is a relatively new malware that appeared rather suddenly towards the end of last year, 2018. We don’t see much of it in the UK and most examples I have heard of are from Italy and have been targeting Italian compa…

More Formbook via fake order using broken .rar attachments

The next Formbook campaign today is a bit of a cock-up from the malware bad actors. The email invites you to quote for 720 of an unspecified object, the details being in the attached file. This is where they have made the mistake and made it less like…