Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 569

FudModule Dropper + Critical Hiding level from USER PRIVILAGE + 0 Point of Kernel32

by angelbanker - 20 April, 2024 - 04:44 AM
This post is by a banned member (angelbanker) - Unhide
126
Posts
17
Threads
(This post was last modified: 08 May, 2024 - 08:56 PM by angelbanker. Edited 1 time in total.)
[Image: Shooter-Screenshot-474-16-04-24.png]

[Image: Shooter-Screenshot-476-16-04-24.png]

[Image: Shooter-Screenshot-477-16-04-24.png]

[Image: Shooter-Screenshot-478-16-04-24.png]

[Image: Shooter-Screenshot-479-16-04-24.png]

Supports only .NET files without native signatures.
Ability to set process/file/injection path name.
Injection paths:
%Temp%
%AppData%
%LocalAppData%
%Userprofile%
%Allusersprofile%
%Public%
%ProgramData%
%WinDir%
%System32%
%ProgramFiles%
Injection into WinDir/System32 works without UAC prompt.

Set icon/properties:
Properties:
PRODUCT
DESCRIPTION
COMPANY
COPYRIGHT
TRADEMARKS
ORIGINAL FILE NAME
VERSION
OLD VERSION
Icon:
PE Header
Exporting function

Crypto-clipper for the following wallets:
1) Bitcoin
2) Ethereum
3) USDT TRC20
4) DogeCoin
5) LiteCoin
6) DashCoin
7) XMR Monero
8) TRX Tron
9) Polygon
10) Ripple
11) Tezos
12) Algorand
Hidden UAC bypass
Task scheduler dump
Critical payload hiding level
Removing restore points with ECC + anti-recovery instability with elliptic curve properties.
Adding stab to allowed Windows Defender threats + patch amsi in payload launch order from temporary folder.
Kill Process protect (BSOD)/driver exploitation based on win32.sys + invoke «RtlSetProcessIsCritical» in NTdll.dll (100% invoke) ✔️
Startup task manager
Startup registry
Hidden startup task scheduler
Virtual environment bypass VMware, VirtualBox, Hyper V, sandbox
Notification of new infected Telegram + Discord
Dotnet package obfuscation + Themida obf
Debugger detection/system-end BSOD call
Termination of surface processes specified in the code/other malware + kill by mutex

Dropper file compression default + MPRESS
Extension spoofing

The payload stab will only work on Windows versions with net 4.0 / and any Windows platform (target: winexe) - x86/x64

++++++
Multi Binder

set uac bypass "true/false";
set task scheduler startup "true/false";
set critical hiding "true/false";
set win_excls "true/false";
set run/ "true/false";
set run_once/ "true/false";
set registry startup "true/false";

Paths:
1) Temp
2) AppData
3) UserProfile
4) AllUserprofile
5) Public
6) ProgramData
7) LocalAppdata
8) WinDir / without UAC bypass (100% bypass) ✔️+  auto critical hiding ✔️
9) System32 / without UAC bypass (100% bypass) ✔️
10) Current 
11) Desktop 
12) Startup + critical hiding (hidden) ✔️
13) ProgramFiles

 Ya ain't responsible fer yer problems if other antivirus software catches it, the encryption side's on ya. We ain't refundin' no money neither.

Price: $200 lifetime
Contacts:
qTox - 0DF8A8515581B7BE24D2FC1F107AD38E20E6F26F6DF83E6C30AB49FF4707BD5720A0F4A38AB5

Vouch copies are only issued to administrators or staff of this forum.
Ready to work through any administrator of this forum, with a commission of $10 from each sale.


This is a bump
This post is by a banned member (n1k7) - Unhide
n1k7  
Supreme
232
Posts
4
Threads
#2
BUMP BFF!
AFFORDABLE BUT POWERFUL AND LOW DETECTION CRYPT SERVICE, 0/26 on AVCHECK.NET GUARANTEE:
https://cracked.io/Thread-EchoCrypt-Prot...id37984886

 
Telegramhttps://t.me/n1k7l


This post is by a banned member (fstark) - Unhide
This post is by a banned member (angelbanker) - Unhide
126
Posts
17
Threads
Bumped #4
This is a bump
This post is by a banned member (angelbanker) - Unhide
126
Posts
17
Threads
Bumped #5
This is a bump
This post is by a banned member (angelbanker) - Unhide
126
Posts
17
Threads
Bumped #6
This is a bump
This post is by a banned member (angelbanker) - Unhide
126
Posts
17
Threads
Bumped #7
This is a bump
This post is by a banned member (angelbanker) - Unhide
126
Posts
17
Threads
#8
Update v2
[+] Added Procecc Hollowing mechanism
[+] Added KPP bypass mechanism for kernel control with administrator privileges
[+] 3 ring rootkit for anti-detection in task manager, process explorer, process hacker only for 32-bit systems
  • Fixed command obfuscation management mechanism, obfuscator updated to the latest version
  • Redesigned design as requested by customers

    [Image: Shooter-Screenshot-616-11-05-24.png]
    [Image: Shooter-Screenshot-615-11-05-24.png]

    Contacts:
    qTox - 0DF8A8515581B7BE24D2FC1F107AD38E20E6F26F6DF83E6C30AB49FF4707BD5720A0F4A38AB5 
    Session - 05eca1eae9cd4c27373b635def91514bd682cddd3bcc26d1c857bbcff3c7d28624 

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)