And again we have the same fake ANN as last time, with a fake GitHub account and a malware download link on the website for Azlora (AZL). The fake GitHub account was created 4 days ago and the malware file was uploaded 16 hours ago.
Fake GitHub:
github.com/Azlora
Also here the sandbox. CAPE Sandbox flags this file as:
RAT MALWARE
Drops script at startup location
Suspicious DNS Query for IP Lookup Service APIs
Startup Folder File Write
Usage Of Web Request Commands And Cmdlets - ScriptBlock
RegAsm.EXE Initiating Network Connection To Public IP
Potentially Suspicious CMD Shell Output Redirect
Potentially Suspicious Execution Of Regasm/Regsvcs From Uncommon Location
ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016
ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
ET MALWARE Common RAT Connectivity Check Observed
A Network Trojan was detected
Source:
https://www.virustotal.com/gui/file/0672dfa586109d7b621757ed3e554e97b3cda928797ccf4f07fc192ab43597f7/behavior
Suspicious IP Connection:
ttasstsat.tech
lifehackov.ru
Source:
https://www.virustotal.com/gui/file/0672dfa586109d7b621757ed3e554e97b3cda928797ccf4f07fc192ab43597f7/relations
Account: Zahjejjiko <--- Please ban or lock that account and delete the thread.
This user recently woke up from a long period of inactivity.
Registered since October 04, 2021. Hacked or sold account.
Fake ANN thread: [ANN] Azlora (AZL) - The Meme Coin That’s Out of This World!
The thread is self-moderated, as always, by the hackers, and 18 comments have already been deleted.
Project Name: Azlora
https://azlora.com
This post is also a reference for the GitHub report!