Analysis by: Neljorn Nathaniel Aguas

ALIASES:

a variant of WinGo/Ngrok.B potentially unsafe application (NOD32)

 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Potentially Unwanted Application

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  TECHNICAL DETAILS

File Size: 27,545,832 bytes
File Type: EXE
Initial Samples Received Date: 26 Sep 2024

Arrival Details

This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Other Details

This Potentially Unwanted Application does the following:

  • It exposes local networked services behind NATs and firewalls to the public internet over a secure tunnel, so a service that was only reachable on the LAN becomes reachable from anywhere.
  • It can be used to share local websites, to build and test webhook consumers, and to self-host personal services.
  • It uses the following version of ngrok:
    • Ngrok 3.16.0

It accepts the following parameters:

  • api → use ngrok agent as an api client
  • completion → generates shell completion code for bash or zsh
  • config → update or migrate ngrok's configuration file
  • credits → prints author and licensing information
  • diagnose → diagnose connection issues
  • help → Help about any command
  • http → start an HTTP tunnel
  • service → run and control an ngrok service on a target operating system
  • start → start endpoints or tunnels by name from the configuration file
  • tcp → start a TCP tunnel
  • tls → start a TLS tunnel
  • tunnel → start a tunnel for use with a tunnel-group backend
  • update → update ngrok to the latest version
  • version → print the version string
  • --config {strings} → path to config files (merged if multiple)
  • -h | --help → help for ngrok
  • --metadata string → opaque user-defined metadata for the tunnel session
  • -v | --version → version for ngrok
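The subcommands above are the useful detection handle: only http, tcp, tls, tunnel and start actually open an inbound path into the host, and a tunnel started from a user's Downloads folder or from a renamed binary is what an analyst wants surfaced. The following classifier is an added example for this page, not Trend Micro's or ngrok's own code. It assumes process-creation command lines from a source such as Sysmon Event ID 1 or an EDR; the sample lines at the bottom are constructed. The subcommand and flag names are the ones listed on this page for ngrok 3.16.0, plus --authtoken, a real ngrok agent flag the page does not list, which is used as the assumed tell for a renamed binary.

```python
"""Flag ngrok agent activity in Windows process-creation command lines.

Added example; not Trend Micro's or ngrok's own code. Assumptions (not
from the page): command lines come from Sysmon Event ID 1 / EDR telemetry;
the sample lines below are constructed. Subcommands and --config/--metadata
are from this page; --authtoken is a real ngrok flag not listed on it.
"""
import re
import shlex

# Subcommands on this page that open an inbound path to a local service.
TUNNEL_CMDS = {"http", "tcp", "tls", "tunnel", "start"}
# Remaining subcommands on this page; context only, no tunnel by themselves.
OTHER_CMDS = {"api", "completion", "config", "credits", "diagnose",
              "help", "service", "update", "version"}
ALL_CMDS = TUNNEL_CMDS | OTHER_CMDS
# Flags that take a value; their presence next to a subcommand is treated
# here as strong enough to flag a renamed binary (--authtoken is assumed).
VALUE_FLAGS = {"--config", "--metadata", "--authtoken"}
NGROK_NAMES = {"ngrok", "ngrok.exe"}


def _basename(path):
    """Last path component, quotes removed, lower-cased."""
    return re.split(r"[\\/]", path.strip('"').strip()).pop().lower()


def _flag_values(args, flag):
    """Collect values given as '--flag value' or '--flag=value'."""
    vals = []
    for i, tok in enumerate(args):
        if tok == flag and i + 1 < len(args):
            vals.append(args[i + 1])
        elif tok.startswith(flag + "="):
            vals.append(tok.split("=", 1)[1])
    return vals


def classify(cmdline):
    """Return a finding dict for an ngrok command line, or None."""
    try:
        # posix=False keeps Windows backslashes intact and retains quotes.
        argv = shlex.split(cmdline, posix=False)
    except ValueError:
        return None
    if not argv:
        return None
    image = _basename(argv[0])
    args = [a.strip('"') for a in argv[1:]]
    subcmd = args[0].lower() if args else None
    named = image in NGROK_NAMES
    # Renamed agent: image is not ngrok but the argument vocabulary is.
    renamed = (not named and subcmd in ALL_CMDS
               and any(a.split("=", 1)[0] in VALUE_FLAGS for a in args))
    if not (named or renamed):
        return None

    # Positional arguments after the subcommand, skipping flag values:
    # for http/tcp/tls/tunnel this is the exposed port or address.
    targets, i = [], 1
    while i < len(args):
        a = args[i]
        if a.startswith("-"):
            if a.split("=", 1)[0] in VALUE_FLAGS and "=" not in a:
                i += 1  # the next token is this flag's value
        else:
            targets.append(a)
        i += 1
    if subcmd == "start" and "--all" in args:
        targets = ["--all"]  # every tunnel defined in the config file

    tunnel = subcmd in TUNNEL_CMDS
    if tunnel:
        severity = "high"
    elif subcmd == "service":
        severity = "medium"  # installs/controls a service: persistence
    else:
        severity = "low"
    return {
        "image": image,
        "subcommand": subcmd,
        "tunnel": tunnel,
        "targets": targets,
        "config": _flag_values(args, "--config"),
        "renamed": renamed,
        "severity": severity,
    }


# Constructed sample command lines (not real telemetry).
SAMPLES = [
    r'"C:\Users\bob\Downloads\ngrok.exe" http 80',
    r'C:\Temp\svc.exe tcp 3389 --authtoken 2abcDEF_example',
    r'ngrok.exe version',
    r'notepad.exe http 80',
    r'ngrok.exe start --all --config=C:\ProgramData\tun.yml',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(classify(line), "<-", line)
```

The renamed-binary heuristic only fires when a value flag accompanies the subcommand, so `svc.exe http 80` with the token supplied via a config file is missed; pairing this with a hash or PE-metadata match on the agent binary closes that gap.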

  SOLUTION

Minimum Scan Engine: 9.800
SSAPI PATTERN File: 2.767.00
SSAPI PATTERN Date: 03 Oct 2024

Step 1

Before doing any scans, Windows 7, Windows 8, Windows 8.1, and Windows 10 users must disable System Restore to allow full scanning of their computers.

Step 2

Scan your computer with your Trend Micro product to delete files detected as PUA.Win64.Ngrok.E. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check the following Trend Micro Support pages for more information:

