Malware detected

hi
I downloded this program : https://github.com/githuob/SpyNote-v6.5-Cracket-2020
when i’d run AndroidTester_v6.4.6.exe this program MpCmdRun2.exe will be creted in TEMP and used a TCP connection “193.161.193.99”
so why it used TCP connection
is it a Payload Trojan for hack people ??

1 Like

:wave: Welcome!

Thanks for letting us know! I’ve passed your report on to be investigated.

Moved this thread to Uncategorized, as there isn’t any relation to GitHub Actions.

I thought that you would move to stop the virus, my device and many others devices where hacked because of your platform and did not move yet !!
at first, i throught that you as programmers would check any program that might be uploaded before make it public
i detected also an injection in my /RUN/ in registry for run the trojan
i don’t know how to check the memory process maybe the payload injected in my memory

This is being investigated. I’m afraid these do take some time.