What's in the LHR UNLOCKER VIRUS!?
In this video I go over everything that I discovered while researching the recent LHR Unlocker Virus!
Huge thanks to Y3ti, @ChumpChangeXD and @RedPandaMining !!
Red Panda's Livestream:
• Testing this LHR Unloc...
ChumpchangeXD's livestream:
• NEW Nvidia RTX LHR UNL...
My website for Hashrates:
hashsearch.tech/
Notes:
Software like this usually comes pre-packaged for the hacker, meaning that he might choose to use one or more parts of it, and not all of it. Even though a virus scan reports a given virus among others, that part might not be in use.
backdoor = an open port on your PC with access to do whatever, also known as a RAT (remote access trojan)
Trojan = hides its functionality; known to do things such as DDoS, spamming, keylogging, or running a background process without the user knowing.
DDoS = when you send multiple requests to a server to bog it down
keylogging = logging usernames and passwords
FileRepMalware
Could be "KMSpico", aka Win32:Evo-gen[Susp]
Can activate Windows without buying a copy of Windows.
Probably not this, so it's unknown.
appuals.com/what-is-filerepma...
Gen:NN.ZemsilF.34232.jm0@aWzx0un
backdoor
www.microsoft.com/en-us/wdsi/...
Trojan.downloaderNET.324
Trojan
spyware
evader from defender
and maybe ransomware?
www.joesandbox.com/analysis/3...
Trojan.spy
Trojan
Spyware
(Pretty self explanatory)
www.google.com/search?q=troja...
trojan.malware.300983.susgen
malware
disguises harmful processes as background windows processes.
www.google.com/search?q=troja...
Artemis|Trojan
Trojan that limits the user's actions, usually tied to ransomware.
www.enigmasoftware.com/artemi...
Malicious
Unknown
generic ml pua
Ransomware
Malware
howtofix.guide/generic-ml-pua...
Generic.mg1870bb66ef6d3dfd
Trojans that start with Generic are just trojans that are so new or so obscure that they're undocumented.
win/malicious_confidence_60% (w)
Displaying popup ads
Hijacking your browser
Infecting your desktop shortcuts, etc.
Inserting ads to the web pages
This article describes it as "crapware"
malwarefixit.com/howto/remove-...
VHO:Trojan-downloader.MSIL.Seraph.gen
Goes and downloads something without the user's permission or knowledge.
www.microsoft.com/en-us/wdsi/...
Artemis|1870bb66EF6D
Probably the same thing as Generic.mg1870bb66ef6d3dfd
Googling this leads to a NASA website lol. No other information.
Trojan:Win32/Sabsik.FL.B!ml
This can do a long list of things; I highly recommend going to the website I have linked to see them all, but here are some of the things that it does.
Backdoor
hides applications
steals information
attempts to use PowerShell
creates hidden system files
checks for virtualization
and much, much more. This was probably what would allow the hacker to steal crypto.
howtofix.guide/trojanwin32-sa...
static ai - suspicious pe
Malware detector?
Scans executable files; probably used for something else.
www.cyberbit.com/blog/endpoin...
ml.attribute.highconfidence
Unknown Trojan, but likely related to application data and user data.
www.trendmicro.com/vinfo/us/t...
Comments: 9
Love it man. Great Job! RPM sent me over. Subbed
Thanks for the PSA and analysis of his malware! Subbed!
Good going bro
Sometimes being a noob has some upside! I wouldn't have been able to download it anyway haha
I need the file so I can show what’s actually in the exe. So we can see the endpoints etc
Looks like all the viruses in nicehash 🤣
This is why everyone should use Linux!
Lol