Malware bazaar
Member

Stealer + Clipper + Keylogger
Stealer is coded in C#, logs will be sent to your Discord channel using a webhook.
Data extraction:

- AntiAnalysis (VirtualBox, SandBox, Debugger, VirusTotal, Any.Run)
- Get system info (Version, CPU, GPU, RAM, IPs, BSSID, Location, Screen metrics, Installed apps)
- Chromium based browsers (passwords, credit cards, cookies, history, autofill, bookmarks)
- Firefox based browsers (db files, cookies, history, bookmarks)
- Internet explorer/Edge (passwords)
- Saved wifi networks & scan networks around device (SSID, BSSID)
- File grabber (Documents, Images, Source codes, Databases, USB)
- Detect banking & cryptocurrency services in browsers
- Steam, Uplay, Battle.Net, Minecraft session
- Install keylogger & clipper
- Desktop & Webcam screenshot
- ProtonVPN, OpenVPN, NordVPN
- Crypto Wallets
QUOTE:Zcash, Armory, Bytecoin, Jaxx, Exodus, Ethereum, Electrum, AtomicWallet, Guarda, Coinomi, Litecoin, Dash, Bitcoin - Crypto Wallet Extensions from Chrome & Edge
QUOTE:Binance, coin98, Phantom, Mobox, XinPay, Math10, Metamask, BitApp, Guildwallet, iconx, Sollet, Slope Wallet, Starcoin, Swash, Finnie, KEPLR, Crocobit, OXYGEN, Nifty, Liquality, Auvitas wallet, Math wallet, MTV wallet, Rabet wallet, Ronin wallet, Yoroi wallet, ZilPay wallet, Exodus, Terra Station, Jaxx. - Messenger Sessions, Accounts, Tokens
QUOTE:Discord, Telegram, ICQ, Skype, Pidgin, Outlook, Tox, Element, Signal - Directories structure
- Filezilla hosts
- Process list
- Product Key
- Autorun module
Features:

QUOTE:
These functions will become available in the builder only if you have autorun enabled.
-
- The keylogger will turn on if the user is texting in the chat or using the bank's website.
-
- Clipper turns on and replaces crypto wallet addresses in the clipboard when a user makes a transaction.
-
- Webcam screenshots will be taken if the user is watching something obscene on the Internet.
Builder:

Channel Webhook:

Download Link(updated):
You must reply before you can see the hidden data contained here.
Last edited by a moderator: