Agent.Tesla Dropped via a .daa Image and Talking to Telegram, (Sat, Jul 24th)
News category: IT Security
Source: isc.sans.edu
A few days ago, I found an interesting file delivered by email (why change a winning combination?). The file has a nice extension: “.daa” (Direct Access Archive). We already reported such files in 2019 and Didier wrote a diary[1] about them. A default Windows installation can't process “.daa” files; you need a specific tool to open them (like PowerISO). I converted the archive into an ISO file and extracted the PE file inside it.
...