- Jan 25, 2022
- 59
- 27
it worse then just a bitcoin miner it hijack edge and webview likely to see passwords and credit card info it create lot of stuff like "program" auto start and trustedinstaller processes that kill/remove themselves when you find out about them (of course they get installed back either when you're idle or you restart) and lot more stuff that aren't as scary then the fact it mines bitcoins (at least tries since it would take millions of years to get one on my gpu) also all anti-viruses that i have tested can't remove it but that isn't as scary as losing some performance when idle and away from the computer that the worse thing this virus doesit was used with a program called "Bat To Exe Converter", you can google that.
basically, someone made the malware in this batch file (probably dev themselves), then ran the program on it with the option to encrypt the original batch file, giving you 2 files as output, one being the binary .exe and the other being this batch file with encrypted contents, with the non-malware unencrypted part appended at the end to run the game.
since it seems to be a coin miner, dev probably got it somewhere to make an extra buck and simply added 2 extra lines at the end to run his game and pretend that's how you're supposed to run it.