Taffy-tales.rar May 2026

: New, randomly named .exe or .dat files appearing in %AppData%\Local\Temp .

: The malware attempts to connect to a Command and Control (C2) server via HTTP/HTTPS to exfiltrate the gathered data. Indicators of Compromise (IoCs) Taffy-Tales.rar

: The executable often acts as a dropper . It may deploy a legitimate-looking front-end to distract the user while a hidden script (often PowerShell or VBScript) runs in the background. : New, randomly named