Analysis of Native Process CLR Hosting Used by AgentTesla

The initial infection vector is a Word document that downloads and executes a 64-bit Rust-compiled binary. This binary then downloads an encoded shellcode containing the AgentTesla payload.

Cyware News – Latest Cyber News – ​Read More