Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 17097

LummaC2 - stealer, knock 75-80%, FUD, anti-unlogging Google

by LummaStealer - 11 July, 2023 - 12:01 AM
This post is by a banned member (LummaStealer) - Unhide
289
Posts
1
Threads
1 Year of service
(This post was last modified: 11 November, 2023 - 06:32 PM by LummaStealer. Edited 10 times in total.)
LummaC2 is a new generation stealer, average knock 75-85%, works even on clean systems, no dependencies (AT ALL), log decryption on the server, build weight 150-300KB, steals Chromium and Mozilla based browsers, steals ~70 browser cryptocurrency and 2FA extensions, has a new method of bypassing Google unlogins (validity reaches 90-95%), non-resident Loader, low-level adaptive filegrabber, AI to detect bots in the panel, and the latest unique development - BINARY MORPHER.
 
LummaC2 is updated literally every two hours, add your specific browser or your specific extension - 2 clicks!
 
Technical information:
  • The language used in the development of this product is C
  • Virtually no high-level WINAPI is used
  • The product is on the most powerful servers with anti-DDoS protection.
  • All decryption is completely server-based, all data transmitted by the stealer is decrypted on the server.
  • In order to increase chunking, data is sent in chunks.
  • The weight of the build is 150-300KB, CRT is present but not used, on request if you care about weight, link CRT from another studio, the weight will decrease in the process, UPX will compress the build to 80KB, but it is not recommended to do this procedure
  • A neighbor detection system is available, as well as a traffic quality monitoring system
  • System calls support ARM, x86, x64 architectures
  • Stealer works on operating system versions from Windows 7 x32 to Windows 11 x64 with the latest updates.
  • There is a knock in Telegram bot / channel, both about the arrival of the log, and the log itself
  • All interaction with the OS is done through calls to a low-level wrapper written in ASM over system calls, no WinAPI only manual syscall calls (corporate rate).
  • Where WinAPI is used - its calls are encrypted (read custom GetProcAddress)
  • Implemented Heavens Gate technology allowing to switch from WoW64 mode (corporate tariff)
  • Spreading without crypt protection
  • DomainDetect is included in the log format
  • Build is covered by default by our binary morpher with Control flow.
  • Non-residential Loader
  • Google unlogins bypass implemented (90-95% validity)
  • CC collection is implemented
  • Gasket rotation is implemented, 1+10 addresses are sewn into the build (instead of 1+1 main and backup addresses before), it increases survivability and stability of the build many times.
Screenshot of panel (Clickable)
Log format:
[Image: 1d5a9f473ceb4413cec6f.jpg]
 
 
Pricing plans:
 
EXPERIENCED
  • Set filters up to 10 .
  • Download logs in bulk
  • Possibility to upload logs by your search query (for example - only with wallets or only with instagram.com)
  • Ability to use search by parameters (country, with or without currency, with a specific filter)
  • Ability to clear dumps, dumps statistics on the "quality of logs" page
  • 3 tags for builds
PRICE: $250/month
--------
PROFESSIONAL
  • All features of previous privileges
  • Unlimited number of filters
  • Logs can be deleted in bulk (by zeroing the counter)
  • Share your stats with others
  • Logs quality widget available
  • Filter widget is available
  • Search widened, logs search and downloading is available by request (in cookies/passwords)
  • Ability to monitor number of neighbors in logs
  • Logs quality rating system available
  • Ability to create and edit grabber profiles
  • Ability to add and remove extensions
  • Ability to add and remove browsers
  • Ability to add and remove paths for looting
  • Ability to use masks as well as variable paths
  • Ability to edit the data to be collected and the order of data collection, e.g. someone needs to collect cid phrases first and someone needs to collect chrome first
  • Ability to customize the depth of data collection
  • Ability to always roll back to default settings
  • Ability to create an unlimited number of rules in the profile
  • Ability to edit profile "hot", to change data collected by the stealer right during spreading
  • Non-residential Loader
PRICE: $500/month
--------
CORPORATE
  • Previous privileges features
  • Dedicated build cleanup line, build is cleaned more often
  • Improved bypass of proactive protection (no message LummaC2.exe tries to access password store), build lives longer
  • Google Unlogging Bypass (90-95% validity)
  • Great for you-know-where point-level security breaches
  • Generation of random builds by our morpher, each build is individual, different from the other
PRICE: $1.000/month
 -------
FAQ
Question: What happens after my subscription ends?
Answer: If your subscription ends, your traffic will not go anywhere, after the resumption of the subscription, logs during your inactivity will be waiting for you in the panel, this applies to ALL tariff plans.
 
Question: What guarantee on bounce rate?
Answer: It is impossible to say for sure at any particular moment, it depends on crypto and on how much time has passed after cleaning. In average on different exchanges and different crypto is 75%-85%.
 
Question: If I bought some tariff and its price increased during the process, will I pay this difference in price?
Answer: The clients, who bought the tariff the price is not indexed, the prices are indexed only for the new clients.
 
Question: How often does the cleaning take place?
Answer: We try to clean the build as often as possible. All tariffs except corporate are cleaned every 5 days. Corporate rate is cleaned every 2 days.
 
Question: Is crypt required?
Answer: Yes, crypt is required. The build is native, it is easy to crypt - there are partners who will make you a crypt without any problems.
 
Question: Does the stealer knock in CIS?
Answer: No and will not knock. Do not offer us any money - in any case there will be a refusal.
 
• Contacts(RU/EN):
Support/Seller - @lummaseller126
Telegram Channel (Clickable)
This post is by a banned member (Akira) - Unhide
This post is by a banned member (LummaStealer) - Unhide
289
Posts
1
Threads
1 Year of service
#3
Only for Cracked.io users in honor of the launch of sales we give 10% discount on all tariffs (until July 13 inclusive).
Write me the promo code "Cracked.io" before buying.

Experienced = 250$ 225$
Professional = 500$ 450$
Corporate = 1000$ 900$

• Contacts(RU/EN):
Support/Seller - @lummaseller126
Telegram Channel (Clickable)
This post is by a banned member (Lone_WolF0) - Unhide
This post is by a banned member (LummaStealer) - Unhide
289
Posts
1
Threads
1 Year of service
#5
[Image: 4DT9OP4.jpg]
Update 12.07

One of the biggest updates that we have been preparing for a long time, it is now possible to customize EVERYTHING that builds stealer! The ability to add your own extensions, your own paths, the ability to create configurations (hereinafter profiles), and when downloading a build to assign it a specific profile and edit the rules right during the shedding! This grabber is the most flexible on the market.

ATTENTION! The functionality is available starting from the tariff [Professional].
1. Ability to create and edit grabber profiles
2. Ability to add and remove extensions
3. Ability to add and remove browsers
4. Ability to add and remove paths for looting
5. Ability to use masks as well as variable paths
6. Ability to edit the data to be collected and the order of data collection, e.g. someone needs to collect cid phrases first and someone needs to collect chrome first
7. Ability to customize the depth of data collection
8. Ability to always roll back to default settings
9. Ability to create an unlimited number of rules in the profile
10. Ability to edit profile "hot", to change data collected by the stealer right during spreading
11. On the download page it is now possible to select the profile with which the build will work.
12. Builds are cleaned.


• Contacts(RU/EN):
Support/Seller - @lummaseller126
Telegram Channel (Clickable)
This post is by a banned member (LummaStealer) - Unhide
289
Posts
1
Threads
1 Year of service
Bumped #6
This is a bump
This post is by a banned member (LummaStealer) - Unhide
289
Posts
1
Threads
1 Year of service
#7
Update 13.07
1. When creating a profile in the grabber, it is now possible to select a preset that can be inherited from the standard configure
2. Fixed an error with backslashes

• Contacts(RU/EN):
Support/Seller - @lummaseller126
Telegram Channel (Clickable)
This post is by a banned member (LummaStealer) - Unhide
289
Posts
1
Threads
1 Year of service
Bumped #8
This is a bump

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 2 Guest(s)