CoolProjectLoader

Two-step .NET installer produced by a developer nicknamed virtual. PDB path: D:\Users irtual\Desktop\Malware\project

Threat Profile
Type Loader
Programming LanguageC#/.NET
C2 Protocolcustom
First Seen2025
Targets Kuresel
Purpose / Capabilities
  • Loader/Injector
No C2 servers have been identified for this family yet.

Research Reports (1)

High

CoolProjectLoader 2eac9624 -- virtual-developer cool-project-lol Injected-benign-GUI-resourceMZ LoaderBootstrap MemoryMappedFiles AES-payload net48-stub | Yuksek

CoolProjectLoader 2eac9624 PE32+ .NET 907KB. Gelistirici: virtual, proje: cool project lol. Injected benign GUI resourceMZ. LoaderBootstrap 2-asamali yukleyici. MemoryMappedFiles.

Read Report →