all InfoSec news
Tracking Fileless Malware Distributed Through Spam Mails
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab Security Emergency response Center (ASEC) has discovered a phishing campaign that propagates through spam mails and executes a PE file (EXE) without creating the file into the user PC. The malware attachment in the hta extension ultimately executes malware strains such as AgentTesla, Remcos, and LimeRAT. This blog post will explain the distribution process flow from the spam mail to the final binary, as well as the techniques employed.
Figure 1 shows the main text of the spam mail …
agenttesla ahnlab asec attachment blog blog post campaign center distributed emergency extension file fileless fileless malware hta mails malware malware analysis phishing phishing campaign remcos response security spam tracking ultimately