What happens when you run a fake installer?
Enderman
343K subscribers
104,764 views

Premiered Oct 4, 2022

Hello, my friends! Let's hit 15K likes? Check out my website! https://enderman.ch
Today I am going to show you the rarest and the most invasive version of the fake installer with the largest amount of optional offers, which are openly malicious. The installer itself is incredibly difficult to analyze, all because of the Anti-VM, Anti-Sandbox modules and background IP, HWID checks it performs before running on real hardware. The installer has been out there since at least 2020 and I'm honestly very surprised it survived to this day in such a shape.

Links:
Malware generator - https://go.enderman.ch/malware-generator

Timestamps:
0:00 - Intro
0:27 - Behavior
1:03 - Farming
4:03 - Sample 1
6:50 - Sample 2
9:26 - Payload
16:06 - Infection
18:29 - Second run
20:49 - Conclusion
22:01 - Outro

Still got questions? Don't hesitate, send them to [email protected]!
Hope you have a great day!

#endermanch #adware #malware
