A TEXT POST

Working on a C# botNET

Hello readers, 

In this article I will show you my new project:

Korsakoff botNET.

It won’t do form grabbing, but bitcoin mining, adware, and other stuff like that.

Also Windows key & FTP info stealers and auto *.html backdooring. (JDB)

List of functions:

  • Auto .html backdooring
  • WebPanel
  • CPU bitcoin mining
  • Adware
  • Advanced rootkit
  • MD5/SHA-1 bruteforcer
  • Fully Undetected using USG & CodeDom. 
  • FTP Stealer
  • Windows Key stealer

If you have an idea, comment here or contact me via the ask page.

P.S.: Also, it’s my birthday.

You can eat it, it’s not a lie (;


What about the “Diablo Worm”’s server?


All options are checked.

It creates this file: “C:\WINDOWS\Temp\internet.txt”, with the email to send to the creator of the server.

It downloads this file: “C:\WINDOWS\system32\Mozsqlite3.dll”

It kills all other R.A.T. servers (DarkComet and others).

It downloads 3 files:

  • C:\Windows\Temp\{SERVER NAME}.exe
  • C:\Windows\{SERVER NAME}.exe
  • C:\Windows\System32\{SERVER NAME}.exe

It creates 3 registry keys in “SOFTWARE\Microsoft\Windows\CurrentVersion\Run”:

  • C:\Windows\Temp\{SERVER NAME}.exe
  • C:\Windows\{SERVER NAME}.exe
  • C:\Windows\System32\{SERVER NAME}.exe
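
The persistence pattern listed above (the same {SERVER NAME}.exe set to autostart from all three Windows directories) can be checked for in exported Run values. This is an added example, not code from the original post; the function names, the mapping of %SystemRoot% and %windir% to C:\Windows, and the sample values are assumptions constructed for illustration.

```python
import ntpath
import re
from collections import defaultdict

# The three drop locations listed in the post (lower-cased for comparison).
DROP_DIRS = {r"c:\windows\temp", r"c:\windows", r"c:\windows\system32"}
# Assumption: default install path for %SystemRoot% / %windir%.
ENV = {"%systemroot%": r"c:\windows", "%windir%": r"c:\windows"}

def exe_path(command):
    """Extract the normalized, lower-cased executable path from Run value data."""
    cmd = command.strip().lower()
    for var, val in ENV.items():
        cmd = cmd.replace(var, val)
    if cmd.startswith('"'):
        path = cmd[1:].split('"', 1)[0]
    else:
        # Unquoted: keep everything up to and including the first ".exe".
        m = re.match(r"(.+?\.exe)\b", cmd)
        path = m.group(1) if m else cmd.split(" ", 1)[0]
    return ntpath.normpath(path)

def find_triplicate_autoruns(run_values):
    """Return {exe name: [Run value names]} for executables registered
    for autostart from all three drop directories at once."""
    dirs_seen = defaultdict(set)
    names = defaultdict(list)
    for value_name, command in run_values.items():
        directory, exe = ntpath.split(exe_path(command))
        if directory in DROP_DIRS and exe.endswith(".exe"):
            dirs_seen[exe].add(directory)
            names[exe].append(value_name)
    return {exe: sorted(names[exe]) for exe, d in dirs_seen.items() if d == DROP_DIRS}

# Constructed sample Run values (not taken from a real host or from the post).
SAMPLE = {
    "Updater1": r"C:\Windows\Temp\svchelper.exe",
    "Updater2": r'"C:\WINDOWS\svchelper.exe" -s',
    "Updater3": r"%SystemRoot%\System32\svchelper.exe",
    "SecurityHealth": r"%windir%\system32\SecurityHealthSystray.exe",
    "Vendor": r'"C:\Program Files\Vendor\agent.exe" /background',
}

if __name__ == "__main__":
    for exe, values in find_triplicate_autoruns(SAMPLE).items():
        print(f"suspicious: {exe} autostarts from all three paths via {values}")
```

A single legitimate System32 autostart is not flagged; only a file name present in all three directories at once is reported.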

Do you really think that VB.NET is good for malware? (Cracked - Dropper.Generic4.BINW)


In this article I will use a paid worm: http://phpbb.voila.net/DiabloWormv2.2.rar

Detection: http://www.virustotal.com/file-scan/report.html?id=d77a12285d166538ab5f3a70b6a915b75bdaeb40e6b6c58f4160008598be526f-1319132428

If the link doesn’t work, comment on this article and I will put up a mirror.

Folder content

The main form looks like this:

main form

It can be opened in .NET Reflector with no problem:

In net reflector

The server too:

Server in reflector

It connects to http://phpbb.voila.net/Data.txt to check the HWID:

Connect to PHPBB

The txt file looks like this:

TXT

And the decompiled shit:

decompiled shit

http://www.mediafire.com/?rkgay2hk2250g29

Admin a.k.a. firedrop a.k.a. drdarkhack, you need to rethink your security.
