Safety And Security

AutoIT-compiled Negasteal/Agent Tesla, Ave Maria Delivered via Malspam

Posted on Author Comments Off on AutoIT-compiled Negasteal/Agent Tesla, Ave Maria Delivered via Malspam
Trend Micro

By Miguel Carlo Ang and Earle Maui Earnshaw  We recently saw a malicious spam campaign that has AutoIT-compiled payloads – the trojan spy Negasteal or Agent Tesla (detected by Trend Micro as TrojanSpy.Win32.NEGASTEAL.DOCGC), and remote access trojan (RAT) Ave Maria or Warzone (TrojanSpy.Win32.AVEMARIA.T) – in our honeypots.  The upgrading of payloads from a typical trojan…

The post AutoIT-compiled Negasteal/Agent Tesla, Ave Maria Delivered via Malspam appeared first on .

Multimedia
All Other Multimedia:
image/jpeg iconMalware-200x125_18.jpg (4.01 KB)

Related Materials
Language:
English

read more

Post Views: 455

Related Articles
Safety And Security

When PSD2 Opens More Doors: The Risks of Open Banking

Posted on Author dragonip

Trend Micro Forward-Looking Threat Research Team We looked into the security implications of the changing banking paradigm with PSD2 in place. Our research highlights the current and new risks that the financial industry will have to defend against, and predict how cybercriminals will abuse and attack Open Banking. The post When PSD2 Opens More Doors: […]
Safety And Security

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

Posted on Author

Trend Micro The threat group APT33 is known to target the oil and aviation industries aggressively. Our recent findings show that the group uses about a dozen live Command and Control (C&C) servers for extremely narrow targeted malware campaigns against organizations in the Middle East, the U.S., and Asia. The post More than a Dozen […]
Safety And Security

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

Posted on Author

Trend Micro We discovered a new exploit kit named Capesand in October 2019. Capesand attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer (IE). Based on our investigation, it also exploits a 2015 vulnerability for IE. It seems the cybercriminals behind the exploit kit are continuously developing it and are reusing source […]