Board: Meta
Topic: Re: Report Malware and Suspicious Links here so Mods can take Action !
by Lafu on 14/11/2023, 13:18:57 UTC
And again a new Fake Ann Thread with a new Fake Github Malware download Link for BRANDS again!

Fake Github was created 4 Hours ago.

Fake Github : github.com/vandia1/CryptoBrands

The downloaded and installed files from there have this here:
Code:
Registry keys set
HKEY_CURRENT_USER\Software\Evrmore
HKEY_CURRENT_USER\Software\Evrmore\Evrmore-Qt
HKEY_CURRENT_USER\Software\Microsoft\RestartManager

C:\ProgramData\ThunderboltDriver\tbdriver.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell.exe
C:\Windows\SysWOW64\schtasks.exe "schtasks" /create /tn ThunderboltDriver /tr C:\ProgramData\ThunderboltDriver\tbdriver.exe /sc onlogon /it /f /rl HIGHEST
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source : https://www.virustotal.com/gui/file/5a4ea5abd5f2150b2cc346cf7564454cb6d4bfdda2876324f88e267eb8242d90/behavior

Account : BukanAdit  <--- Please ban or Lock that Account and delete the Thread
Registered since May 19, 2020, Hacked or sold Account

Fake Ann Thread :  [ANN] Decentralized tech mining system/GPU mining/Airdrop

WALLET
Windows:
Code:
https://github.com/vandia1/CryptoBrands/releases/download/1.0.0/brands-win64.zip

This post is also a reference for the Github Report !
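
Added example, not part of Lafu's post and not code from VirusTotal: a small detector that reads process command lines and flags the scheduled-task persistence pattern shown in the behaviour report above (a logon-triggered task at the highest run level whose binary sits in a user-writable directory). The directory list, the two-hit alert threshold and the two benign log lines (including the "Contoso" name) are assumptions constructed for the example.

```python
import shlex
from pathlib import PureWindowsPath

# Locations a standard user can write to; list is an assumption for this example.
SUSPECT_ROOTS = (r"c:\programdata", r"c:\users\public", r"\appdata", r"\temp")
VALUE_SWITCHES = {"/tn", "/tr", "/sc", "/rl"}

def parse_schtasks(cmdline):
    """Return the switches of a 'schtasks /create' command line, else None."""
    tokens = [t.strip('"') for t in shlex.split(cmdline, posix=False)]
    is_schtasks = any(PureWindowsPath(t).name.lower() in ("schtasks", "schtasks.exe")
                      for t in tokens[:2])
    if not is_schtasks or "/create" not in (t.lower() for t in tokens):
        return None
    opts = {}
    for i, tok in enumerate(tokens[:-1]):
        if tok.lower() in VALUE_SWITCHES:
            opts[tok.lower()] = tokens[i + 1]  # switch value is the next token
    return opts

def findings(cmdline):
    """List the persistence traits seen in the reported sample's task creation."""
    opts = parse_schtasks(cmdline)
    if opts is None:
        return []
    hits = []
    target = opts.get("/tr", "").lower()
    if any(root in target for root in SUSPECT_ROOTS):
        hits.append("task binary in user-writable path")
    if opts.get("/sc", "").lower() in ("onlogon", "onstart"):
        hits.append("runs at logon or boot")
    if opts.get("/rl", "").lower() == "highest":
        hits.append("highest run level")
    return hits

# First line is the command line quoted in the post; the other two are constructed.
SAMPLE_LOG = [
    r'C:\Windows\SysWOW64\schtasks.exe "schtasks" /create /tn ThunderboltDriver /tr C:\ProgramData\ThunderboltDriver\tbdriver.exe /sc onlogon /it /f /rl HIGHEST',
    r'C:\Windows\System32\schtasks.exe /create /tn "Contoso Backup" /tr "C:\Program Files\Contoso\backup.exe" /sc daily /st 02:00',
    r'C:\Windows\System32\schtasks.exe /query /fo LIST',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        hits = findings(line)
        if len(hits) >= 2:  # alert threshold is an assumption
            print("ALERT:", ", ".join(hits), "->", line)
```

Feed it the command-line field from process-creation logs (for example Windows event 4688 or Sysmon event 1); a legitimate installer can also trip a single trait, which is why the sample threshold requires two.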