- Keygen... | Nl-brute 1.2 X64 & 1.2 X64 Vpn Edition

Often identified as HackTool:Win32/NLBrute , Trojan.Generic , or Trojan.CoinMiner . Malicious Behavior & Capabilities

Approximately 61% to 71% of antivirus engines flag this specific executable as malicious.

Immediately upon execution, it drops additional malicious files such as ipuuxdnejdhydqx.exe (CoinMiner) and PZD.exe (Trojan) to persist on the system. NL-Brute 1.2 x64 & 1.2 x64 VPN Edition - KEYGEN...

The malware reads the computer name, machine GUID from the registry, and even attempts to detect the BIOS version.

The legitimate-but-malicious tool this "keygen" claims to unlock is , a high-quality RDP (Remote Desktop Protocol) brute-forcing tool. Often identified as HackTool:Win32/NLBrute , Trojan

Created by threat actor "dpxaker" (Dariy Pankov), who was sentenced in 2023 for its development.

The executable is almost certainly a Trojan that will compromise your personal data or use your hardware for cryptocurrency mining. The malware reads the computer name, machine GUID

Analysis reports from Hybrid Analysis and ANY.RUN highlight several dangerous activities: