"Game Mode: One-Click Computer Optimization" FACEBOOK TROJAN

[color=#FF00]Link (Dangerous): MSI Dragon Center Download Center (landing-dragon-centr.com) [/color]

Registered in the Netherlands via Gransy, S.R.O. on February 28, 2023 - Whois landing-dragon-centr.com

image670×815 38.1 KB

Associated Facebook Account - Clara | Facebook

Popup is a fake MSI Dragon Center download page, with the program being downloaded from Discord as a .rar file.

[color=#FF0000]VirusTotal - VirusTotal - File - 3b22742d10f7d8c4eced2ec8eba34057939c39b187e3243da612d483e150268c[/color]

image1278×356 27.8 KB

[color=#FF0000]Any.Run - Analysis Dragon-center.rar (MD5: 16D0D3B6C91EE6B485F0291B3AA3682E) Malicious activity - Interactive analysis ANY.RUN[/color]

image1284×353 30.7 KB

Program contains the Artemis, Hulk, Kryptik, MISLHeracles and Wacatac trojans alongside a variant of the Redline stealer.

Associated IP Addresses:
185.117.90.53

image1203×397 36.3 KB

77.73.134.40

image841×642 49.8 KB