lol. It's a double compressed archive.
extract the BIT.rar file and you will get:
extract the "Bitcoin Wallet Injector.exe" and you will get:
....bot.exe....pretty lame
extract the BIT.rar file and you will get:
extract the "Bitcoin Wallet Injector.exe" and you will get:
....bot.exe....pretty lame
Wow that is just awesome.... bot.exe
Hrmm perhaps later I will get some time to reverse engineer it and see what it does =)
i'd be interested - should you happen to take the thing apart - in knowing how sophisticated the wallet-stealer is.
can it find a wallet.dat anywhere on any hard drive or partition? if the wallet is on an unmounted file system, can it mount that? if wallet.dat is renamed to something else - i.e., foo.bar - could it find the renaming line in bitcoin.conf and steal foo.bar?