VERY IMPORTANT

This report analyzes a phishing campaign spreading a new Agent Tesla variant designed to infiltrate victims' computers and steal sensitive information like credentials, email contacts, and system details. It leverages techniques like exploiting Microsoft Office vulnerabilities, executing JavaScript and PowerShell code, process hollowing, and obfuscation to evade detection. The malware targets over 80 software applications to harvest credentials and collects email contacts from Thunderbird. Stolen data is exfiltrated via FTP. Fortinet's security services provide protection against this campaign.