It is used by cybercriminals to obtain unauthorized access to thousands of computers worldwide by decrypting login credentials.
Immediately upon execution, it drops additional malicious files such as ipuuxdnejdhydqx.exe (CoinMiner) and PZD.exe (Trojan) to persist on the system. NL-Brute 1.2 x64 & 1.2 x64 VPN Edition - KEYGEN...
It checks for the presence of debuggers to avoid being analyzed by security researchers. It is used by cybercriminals to obtain unauthorized
Often identified as HackTool:Win32/NLBrute , Trojan.Generic , or Trojan.CoinMiner . Malicious Behavior & Capabilities NL-Brute 1.2 x64 & 1.2 x64 VPN Edition - KEYGEN...
Created by threat actor "dpxaker" (Dariy Pankov), who was sentenced in 2023 for its development.
Approximately 61% to 71% of antivirus engines flag this specific executable as malicious.