"Spider-Man: No Way Home 4k" DISCORD TROJAN - +7 5989894545

[color=#FF00]Link (Dangerous): Spider Man No Way Home 4k – Telegraph [/color]

image479×327 15.7 KB

image680×486 32.8 KB

VirusTotal - VirusTotal - File - 4ba356758f1ec713a1652d90c59d94c7550cddfee1018d31bd099c3aba2788a2

image1252×373 41.6 KB

Any.Run - Spider Man_no_way_home_uTorrent.exe (MD5: FEF2BDB591EA40E6AF2FC8413782EF6D) - Interactive analysis - ANY.RUN

Associated IP Addresses:
185.15.209.141 (gg.gg)

image855×691 73.4 KB

149.154.164.13 (Telegram Messenger)

image850×464 44.4 KB

193.106.191.226

image750×380 28.8 KB

144.76.136.153 (transfer.sh)

image854×397 43.3 KB

Program contains several trojans, including Asprotect, Yakes, SusGen & a variant of the RedLine tracker. It is literally the same thing as the “Unbored Game” only except I cannot get a WhoIs lookup of the popup.

Associated Phone Number (RUSSIA) - +7 5989894545

image313×171 6.65 KB

Associated Email Address - [email protected]

Managed to trace the WHOIS data.

URL is literally just a Discuss bot.
Pinging the domain returns an IP of 149.154.164.13 which belongs to telegram (DiscussBot to be specific)
Going to the IP redirects to this domain: DiscussBot (comments.app)