Closed Sn3akyP3t3 closed 2 years ago
LOL
My friend, your statement is very unfounded. The project is entirely open source; all binaries are built on GitHub using Actions.
Study the code. If you find at least some factors indicating the presence of malware, you are welcome.
https://www.virustotal.com/gui/file/535f9373170102ff33fb3b456cad5a63c47ca1da8447aee66f44e51e9b85b38c/detection
5 of 67 detect something:
Antiy-AVL: Trojan/Generic.ASMalwS.34C668C
Gridinsoft: Trojan.Win64.Downloader.oa!s1
Jiangmin: TrojanDownloader.PsDownload.ww
SecureAge APEX: Malicious
Zillya: Trojan.Agent.Script.1640570
Further analysis on https://analyze.intezer.com hints it's probably packed, with an extremely suspicious activity noted:
Created a process from a suspicious location (High)
File executed: C:\Users\mike\AppData\Local\Temp\535f9373170102ff33fb3b45.exe
Commandline executed: \C:\Users\mike\AppData\Local\Temp\535f9373170102ff33fb3b45.exe\
Intezer found various paths hinting possible evidence of Mimikatz malware during execution analysis. The results are inconclusive, but warrant a response and investigation.