trojan.Evrial Cryptocurrency stealer

Forum for analysis and discussion about malware.
Post Reply
markusg
Posts: 730
Joined: Mon Mar 15, 2010 2:53 pm

trojan.Evrial Cryptocurrency stealer

Post by markusg » Wed Feb 21, 2018 7:14 pm

SHA-256
2816e869afc0bb09635c15d64f9fd1e6e02aaefc68fe227c454af302e6bb453a
File name
WinRar Setup (1).exe
https://www.virustotal.com/#/file/2816e ... /detection
You do not have the required permissions to view the files attached to this post.

fonavozia
Posts: 6
Joined: Wed Oct 14, 2015 12:14 pm

Re: trojan.Evrial Cryptocurrency stealer

Post by fonavozia » Fri Mar 02, 2018 2:23 pm

C&C moved to hxxps://projectevrial.com/login/.

fonavozia
Posts: 6
Joined: Wed Oct 14, 2015 12:14 pm

Re: trojan.Evrial Cryptocurrency stealer

Post by fonavozia » Fri Mar 16, 2018 7:58 am

C&C address is downloaded from hxxps://github.com/sevampir/evrial (hxxps://raw.githubusercontent.com/sevampir/evrial/master/LICENSE.md/evrial)

fonavozia
Posts: 6
Joined: Wed Oct 14, 2015 12:14 pm

Re: trojan.Evrial Cryptocurrency stealer

Post by fonavozia » Fri Mar 16, 2018 8:00 am

Sample in attachment (379aa4c0fe0e2027e76341e075321fa0).
You do not have the required permissions to view the files attached to this post.

Post Reply