Post by theonlymf, 19 April, 2024 - 07:17 PM
(This post was last modified: 19 April, 2024 - 07:17 PM by theonlymf.)
Advanced Remote Administration Tool

(08 April, 2023 - 10:57 PM) iot1337 Wrote:
Technical Information:
https://leaked.wiki/p/6xtX6rAZ9V
Features:
- Remote command execution
- Silent background process
- Download and run file (Hidden)
- Safe Mode startup
- UAC Bypass
- Will automatically connect to the server
- Data sent and received is encrypted (substitution cipher)
- Files are hidden
- File Infector
- Symmetric Cryptography
- Hijack Execution Flow: DLL Side-Loading
- Deobfuscate/Decode Files or Information
- Input Capture Keylogging
- Command and Scripting Interpreter
- Installed Antivirus shown to server
- Indicator Removal: Clear Windows Event Logs
- Indicator Removal: File Deletion
- Easily spread malware through download feature
- Startup info doesn't show in msconfig or other startup checking programs like CCleaner
- Disable Task Manager
- TCP Connections
- Non-Application Layer Protocol
- ActiveWindows
- StartupManager
- Registry Editor
- Process Manager
- Clipboard Manager
- Shell
- Installed Programs
- DDoS Attack
- VB Net Compiler
- Location Manager [GPS - IP]
- File Manager
- Client [Restart - Close - Uninstall - Update - Block - Note]
- Power [Shutdown - Restart - Logoff]
- More
Download Link:
Virus Scans:
Virus total Report:
https://www.virustotal.com/gui/file/b0bc.../community
HTML Report:
https://www.joesandbox.com/analysis/379667/0/html
PDF Report:
https://www.joesandbox.com/analysis/379667/0/pdf
Executive Report:
https://www.joesandbox.com/analysis/379667/0/executive
Incident Report:
https://www.joesandbox.com/analysis/379667/0/irxml
IOCs:
https://www.joesandbox.com/analysis/3796...analysisid