AgentTesla [S0331] a.k.a Negasteal is a .NET-based Remote Administrator Tool (RAT) first detected in 2014. It is advertised as a Remote Administrator Tool since then. AgentTesla allows adversaries to remotely control the systems of victims and manipulate them accordingly, so it is utilized by numerous threat actors such as SILVERTERRIER, SWEED, Aggah, and many more.
Learn more about the analysis, detection, and mitigation using Logpoint SIEM+SOAR in our latest report on the link below.
https://www.logpoint.com/en/blog/agentteslas-capabilities-review-detection-strategies/