Malware

CrackedCantil

According to ANY.RUN, this is a dropper for win.privateloader, and its execution leads to a cascade of downloads with a large variety of additional malware. The families include more loaders, information stealers, cryptominers, a proxy bot, and ultimately also ransomware. The execution order is orchestrated, e.g. data is stolen and exfiltrated before encryption. It is distributed through advertised cracked software, e.g. IDA Pro.


Family metadata imported from Malpedia (Fraunhofer FKIE).