Dumbo2022

That annoying part of the installer may be PUP, but there is no trace of the game anywhere. This was supposed to contain an update to a game: it doesn't, there none of it. You don't get asked for its location, the game's folder doesn't get modified nor other directories are created. What it does, is something suspicious with those 7zip exe that keep popping up in my temporary folder.

The software (author is "10sIT Oy") looks like an installer: Including several of these trick choices: It either installs, or downloads something: I'm not sure whether this file is the only one that gets downloaded, but I have uploaded it in another folder of the same Mega account: "https://mega.nz/folder/4pp0RaTa#bnP3L6aucOoF-Whapllr6g" But there's more: this Setup.exe file isn't detected as a virus either, but when I went to upload it (as to say I was in Kaspersky's Analyze page, and clicked on Browse) my Brave browser strangely opened this folder: C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\V09IP0KU Which contained what seems to be installers for an old beta of 7zip. I checked my 7zip installation in program files, and it had been indeed created a few minutes ago. I have also uploaded more files that were around that location in Appdata, and might be part of this.

Done, I submited it for re-analysis with a description of its behaviour. At first sight, there is no detection. But it does something.

Please, I need help. I was trying to update a cracked game, but the update program looked suspicious. I ran it through https://www.virustotal.com/gui/home/upload and it didn't find anything. So I thought it was just a poorly done updater. Instead, it was like one of those annoying installers that make you install more programs before the installation proper starts. And afterwards, it downloaded and installed something. I'm currently running an ESET scan but I have no clue. The virus or whatever it is, can be found here. Don't run it if you don't know what you are doing, like me! "https://mega.nz/file/Np4XRTAA#Ns4MFEaQ-mpGx0QcYxTARuba8x7JiKeGo-PQuSCWedA"