Agent Tesla (Malware Family)

Agent Tesla

URLhaus

A .NET based keylogger and RAT readily available to actors. Logs keystrokes and the host's clipboard and beacons this information back to the C2.

https://researchcenter.paloaltonetworks.com/2017/09/unit42-analyzing-various-layers-agentteslas-packing/

https://malwarebreakdown.com/2018/01/11/malspam-entitled-invoice-attched-for-your-reference-delivers-agent-tesla-keylogger/

https://www.zscaler.com/blogs/research/agent-tesla-keylogger-delivered-using-cybersquatting

https://blog.fortinet.com/2017/06/28/in-depth-analysis-of-net-malware-javaupdtr

https://www.fortinet.com/blog/threat-research/analysis-of-new-agent-tesla-spyware-variant.html

https://thisissecurity.stormshield.com/2018/01/12/agent-tesla-campaign/

https://blogs.forcepoint.com/security-labs/part-two-camouflage-netting

There is no Yara-Signature yet.