FPS Booster, well not really. caysiV2839#9797 | 834716137283125248

GhostSlayer

I'm in a server which looks kinda suspicious, it doesn't have any good staff's which makes it worse, but a user sent a message and the user was possibly fell for a token logger. The message looked like this:

I ran any.run test again, and it didn't give any positive results. It read some cookies from websites which are probably discord.com/discordapp.com.

Since it reads cookies, it possibly got the Discord credentials so it's pretty much possible that "caysiV2839" is not a dangerous user, but a victim of the token logger. So if anyone sees a similar message, do not download the file, it should be obvious 😃

any.run report: https://app.any.run/tasks/095ad33e-65b2-460f-8020-382a8be582a9
Virustotal report

GhostSlayer

I don't know if I should blur the links, but I'll keep the links just non-blurred

Debaucus

GhostSlayer Thanks for another fantastic report!

In terms of blurring links, I think its ok as long as the links are in picture form and not text form. I would at a minimum want the end of the URL shown so users know what to look for in a link.

The FpsBoost.exe.exe helps give context so someone who might get a similar or different link 🙂