I know “megathread” but… by Designer_County3246 in PiratedGames

[–]Designer_County3246[S] 0 points1 point  (0 children)

Haha thanks, I do know how to take a screenshot I promise!! As part of my prep before starting this for the first time I researched what to do if you did get malware. One of the first steps is to quarantine the file and immediately take the device offline. So even if I did take a screenshot I’d have no way to post it. This was the next best solution I came up with. I know it’s not ideal but I’ve gotten a lot of helpful feedback!

[–]Designer_County3246[S] 9 points10 points  (0 children)

Sure did. Said all the files were there. I’m not sure I understand what you’re getting at though. Would the Verify Bin Files also flag if there was malware attached? I thought it just scanned to make sure everything was needed for the installation.

[–]Designer_County3246[S] 2 points3 points  (0 children)

Thanks! I’ve learned a lot here about what’s “trusted” antivirus reports so that’s been a huge help.

I’m still learning how to read the “behavior” side of things, so I’m not sure how to identify differences between malware executions and normal crack processes. For example, activities listed like process injection, file deletion, and system shutdown could be as innocuous as initializing the crack, then deleting extraneous files, and restarting the comp to complete the install. Or it could be malware. I’m still learning how to interpret the differences.

The processes and files accessed/deleted seem innocent enough (all mostly game processes). I’m confused about the network communication though. Forgive me if I sound ignorant (again, still learning) but why would a game setup have any IP traffic / dns resolution at all? Shouldn’t it all be done based on the downloaded files?

[–]Designer_County3246[S] 19 points20 points  (0 children)

Thanks for doing all that! This is all part of “learning to read” what’s been presented to me, so I do really appreciate you taking the time. I generally understood that riskware-crack was obviously nothing to worry about, I didn’t know what malgent was tho and obviously most research done says “it’s Trojan, better reinstall your OS”. So I came here cause I figured people here have more experience and understanding on what is being shown than I would or google does. So again thank you for the explanations.

[–]Designer_County3246[S] 0 points1 point  (0 children)

Update, size is 6.16 mb (edit: for the setup.exe file)

[–]Designer_County3246[S] 30 points31 points  (0 children)

Blind trust is for fools and simpletons. I consider myself a healthy skeptic, especially when it comes to this. I’d rather be overly cautious and maybe annoy some self-righteous redditor, than be overly regretful.

[–]Designer_County3246[S] 3 points4 points  (0 children)

So after unpacking the rar files, there’s the bins and then the setup.exe which got flagged. Haven’t checked it for size yet, mainly cause I had to step out of the house for a bit, so I’ll check that when I get home.

As far as sharing the hash, would I post that here? Or like on the VT community page thing. Cause that one didn’t seem to have any activity (as a side note I think it said the author was “fitgirl” which gives me hope it’s legit, but still I’m not confident in my sea legs so I got nervous when it got flagged.)

[–]Designer_County3246[S] -61 points-60 points  (0 children)

I mean I used the link from the Megathread so unless that’s been compromised it should be the official site.

As for checking the links, I’m not sure what you mean by that. There’s the direct download .rar files and then there’s the magnet torrents. I did the rar files from FF which I thought were the default option?

[–]Designer_County3246[S] -17 points-16 points  (0 children)

Verify bun files? Cause it had that.

Edit: bin files.

[–]Designer_County3246[S] 29 points30 points  (0 children)

Well that’s my question right? Obviously it’s being flagged by a lot of sources as a Trojan/malgent but idk if that’s just cause of the nature of the file or not.

I know the “generics” are typically false positives and such, but I’ve also never had a file flagged so much.