Distributing AgentTesla through more sophisticated malicious PPT
released on 2021-12-02 @ 03:01:54 PM
The ASEC team have been following malicious PPT files that have been steadily circulating since last year. Recently, it was confirmed that various malicious functions were added to scripts executed in these malicious PPT files. The method of executing the malicious PPT files is the same as before, and functions such as additional malicious code execution, Anti-AV, and UAC bypass are performed by the malicious script.