We have a new Fake Ann with a Fake Website that has a Malware Wallet file download from a Fake Github Account for Friemon Coin! The Fake Github Account was created 4 days ago and the Malware files were uploaded 9 hours ago.
Fake Github :
github.com/Friemon
The sandbox CAPE Sandbox flags this file as: RAT MALWARE
Drops script at startup location
Suspicious DNS Query for IP Lookup Service APIs
Startup Folder File Write
Usage Of Web Request Commands And Cmdlets - ScriptBlock
RegAsm.EXE Initiating Network Connection To Public IP
Potentially Suspicious CMD Shell Output Redirect
ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
INDICATOR-SHELLCODE x86 NOOP
Source :
https://www.virustotal.com/gui/file/54138d80e63cbb98ae02c2a806cd8b38824766332c8692c881afdd065514bf85/behavior
Account :
uadrenopl <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
Registered since October 02, 2021, Hacked or sold Account
Fake Ann Thread : [ANN] Friemon Coin (FRMN) - The Friendliest Meme Coin!
Friemon Coin is an innovative memecoin designed to bring fun and utility to the cryptocurrency world. Focused on community engagement and real-world applications, it aims to revolutionize digital transactions with a friendly twist.
Website: [url=https://friemon.com]friemon.com[/url]
On top of that, the Fake Website is hosted from the UK, in Manchester.
This post is also a reference for the Github Report!