Malware Analysis: AgentTesla and ZGRat

This post details my analysis of AgentTesla and ZGRat malware samples, examining their behaviour, capabilities, and the indicators of compromise they leave behind.

Overview

The analysis revealed a sophisticated malware operation using both AgentTesla and ZGRat, with data exfiltration capabilities and persistence mechanisms. The malware authors implemented various techniques to evade detection while harvesting sensitive information from infected systems.

Configuration Analysis

The configuration analysis revealed SMTP credentials likely used for exfiltrating data:...

December 15, 2024