

14 days ago
Sure thing, the reasons that are most important for me personally are better multi-attach, easier splitting and resize, better plugin ecosystem and it being more modern and actively maintained in general.
I much prefer tmux over screen.
TLDR: I can’t say for 100% sure, but there are multiple reasons to believe that this is malware.
Long version: I’m seeing multiple suspicious things here.
The IPs being connected to are part of some hoster and have some abuse reports: https://www.abuseipdb.com/check-block/217.20.58.98/29
The domain being resolved is qcloud[.]com, which belongs to Tencent Cloud and definitely not Microsoft.
Other domains in memory like counter-strike[.]com[.]ua are very new and definitely sound fishy.
A standalone version of 7zip is being run and extracts the created rar file with the password “infected”. Real alarm bells here.
A lot of the registry actions look like anti-debugging, which does not sound like something an Illustrator Plugin would do.