Multi-Stage Malware Attack Utilizes JSE and PowerShell for Delivery

A new multi-stage attack has been observed, deploying malware families such as variants of Agent Tesla, the Remcos RAT, and XLoader. The attackers are using complex delivery mechanisms to avoid detection, bypass traditional sandboxes, and ensure the successful delivery and execution of payloads. According to Saqib Khanzada, a researcher at Palo Alto Networks Unit 42, this campaign uses .JSE files and PowerShell to deploy the malware.