The Fake Github download File was created 2 Days ago.
Fake Github : github.com/troyseate/electrum-kas
A Many shady and bad things happen when you start the Wallet File:
MALWARE TROJAN EVADER RAT
Detects Schtask creations that point to a suspicious folder or an environment variable often used by malware
Detects DNS queries for IP lookup services such as "api.ipify.org" originating from a non browser process.
Detects the addition of a new rule to the Windows firewall via netsh
Detects scheduled task creations or modification to be run with high privileges on a suspicious schedule type
Detects the creation of scheduled tasks in user session
Detects the load of RstrtMgr DLL (Restart Manager) by an uncommon process. This library has been used during ransomware campaigns to kill processes
Detects loading of Amsi.dll by uncommon processes
Detects a WMI modules being loaded by an uncommon process
C:\Program Files\Kaspa\KDX\bin\windows-x64\genkeypair.exe
C:\Program Files\Kaspa\KDX\bin\windows-x64\gpuminer.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\RestartManager
C:\Windows\SysWOW64\schtasks.exe "schtasks" /create /tn "Discord startup" /sc ONLOGON /tr "C:\Users\user\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
Source : https://www.virustotal.com/gui/file/4dcae6a5ede0c0059bf0cdce636b144c40faa65c4539f91d456cc8df333509ff/behavior
Account : fanepatent2 <--- Please ban or Lock that Account and delete the Thread and Posts
Registered since November 23, 2017 possible hacked or sold Account
Fake Ann Thread : [ANN] KASTLS - kaspa tools project (For using)
https://github.com/troyseate/electrum-kas/tree/main
Fake Posts :
https://bitcointalksearch.org/topic/ann-pyrin-pyi-gpu-pow-ghostdag-blockdag-5476198
https://bitcointalksearch.org/topic/ann-karlsen-kls-gpu-pow-a-fork-of-kaspa-with-kheavyhash-asic-resistance-5475216
https://bitcointalksearch.org/topic/ann-kaspa-kas-cpu-pow-ghostdag-5373286
This post is also a reference for the Github Report !