Microsoft Scam 888-671-0617 Sun Arises

https://sunarises.com/contact-customer-service.html

Called and they said they were not Microsoft, just antivirus.

"We Provide best Customer Service and CustomerSupport because we follow these rules in our approach : … You Have to possess skin "

Their site uses Cloudflare, so I reported them to Cloudflare and to the Google Safe Browsing project. I also reported them to mylivechat (the providers of their chat feature). I also am pretty sure that they are based in Haryana, India, but that could just be a red herring.

As for SunariseInfoTech, I also am in the process of analyzing their "security" package. I might try and report them to their domain registrar as well. Were there any other outsourced parts of their scam (remote access logins, forms, etc.) that we could try and get shut down?

VirusTotal

Definitely bad, it appears to be some kind of Trojan. It's heavily obfuscated (no English strings directly in the PE), and edits the registry key `HKLM\System\CurrentControlSet\Control\WaitToKillServiceTimeout`, which controls how long Windows will allow services to close themselves before shutting down, and does a few other suspicious things.

@alesthebait#189162 Reported to Cloudflare, mylivechat, and Google Safe Browsing.

Their website says their address is:
SRS Tower No. 2F-11
Sector 31, Faridabad
121001 HR

But the domain `sunarises.com` was registered in Haryana, India.

https://www.virustotal.com/gui/file/851f0f1a8ebe7f133a50139d090487b6a3d96077bf2071e884e9e7af8b4ac60e/detection
