You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I opened it in a VM and there was a fake progress load and it did nothing.
Looking at the source code, it's clear the progress bar is fake:
private void FillProgressBar()
{
progressBar1.Minimum = 0;
progressBar1.Maximum = 600;
progressBar1.Value = 0;
int num = 0;
while (num <= progressBar1.Maximum)
{
progressBar1.Value = num;
num++;
Thread.Sleep(100);
Application.DoEvents();
}
}
Additionally, it uses Nethereum, an open source .NET ethereum library. This isn't weird on its own, but the copy of the Nethereum is obfuscated. This would make sense for a proprietary library but makes no legitimate sense for an open source library. Only Nethereum.Accounts appears to be obfuscated, the other DLLs are not. The exception is Nethereum.Common.DLL which the main code decrypts. Why is one DLL from an open source library encrypted? This screams malware.
The text was updated successfully, but these errors were encountered:
I opened it in a VM and there was a fake progress load and it did nothing.
Looking at the source code, it's clear the progress bar is fake:
Additionally, it uses Nethereum, an open source .NET ethereum library. This isn't weird on its own, but the copy of the Nethereum is obfuscated. This would make sense for a proprietary library but makes no legitimate sense for an open source library. Only Nethereum.Accounts appears to be obfuscated, the other DLLs are not. The exception is Nethereum.Common.DLL which the main code decrypts. Why is one DLL from an open source library encrypted? This screams malware.
The text was updated successfully, but these errors were encountered: