← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malicious Compiled HTML Help File Delivering Agent Tesla
WHITE AlienVault 2022-05-13 Modified: 2022-05-13
15
IOCs
MEDIUM VOLUME
Unit 42 observed malicious compiled HTML help files for the initial delivery. They will show how to analyze the malicious compiled HTML help file. They will then follow the chain of attack through JavaScript and multiple stages of PowerShell and show how to analyze them up to the final payload.
HTMLJavaScriptPowerShell
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Agent Tesla
Indicators of Compromise (1 / 15 total)
All hostname URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256
TYPEINDICATORDESCRIPTIONCREATED
URL http://pk-consult.hr/N2.jpg 2022-05-13
References (1)
↗ https://unit42.paloaltonetworks.com/malicious-compiled-html-help-file-agent-tesla/