Scammer’s Website or Email: https://playhellevator.blogspot.com/2024/02/hellevator.html
Additional information about this scam: I got DMed by this stranger who asked me to test his game. I warned the server that we have in common. I also praised the scammer for his amazing game, and he blocked me.
Triage Report: hxxps://playhellevator[.]blogspot[.]com/2024/02/hellevator[.]html | Triage
Cannot run it using ANY.run because the exe is 64-bit.
This malware is actually quite undetected. I am going to report it to various AV software to increase the detection. Here is an in-depth analysis in Hybrid Analysis if you wanna see exactly what this malware does: https://www.hybrid-analysis.com/sample/db3740eff8e251180c695bb58f1e44637596a5c38c05932bd333c38e163235a0/66075978ac8daee0ae0d8a9f
Looks like a standard Discord tokener.
Yeah, Malwarebytes is aware of it and they are currently reverse engineering it and adding detections. I also reported it to Microsoft, but they always take forever to add detections for threats like these.
This scam sounds like a typical bait-and-switch tactic. They lure players with promises of a game, but in reality, it’s a phishing attempt to steal your Discord credentials or personal information. It’s always a good idea to be cautious when clicking on random links or downloading files from unverified sources. For those who are into competitive gaming, especially in games like Dota 2, it’s better to invest your time in trusted services, such as improving your rank with boosting services like this one: https://eloboss.net/dota2-boosting. Stick to platforms you know and trust to avoid falling for these scams.