GANG-NUKER 2.0 Cracked | DISCORD MULTI TOOL | Cleaned by ObbedCode

[Squadd303]

 

Im going to start a new thing for every infected thread , ASSUMING it has the clean BINs binded to it

I will reupload the the Content but the CLEAN Version.

Now it wont always be possible as some dont have the Binded Bins or are just plain out all infected

 

This Sample was Binded as a Windows .CAB or Cabinet File Upon Extraction you will get the Infected Bins and Non Infected Bins

 

Once Executed , Select option "1" enter a Random key

Once Greeted with the Logo Screen click Enter.

 

 

===========================================================

Downloads

===========================================================

 

Zippyshare

 

 

AnonFiles

 

 

MirrorAce

 

 

MultiUp

 

 

 

REAL VT Bin Scan:

https://www.virustot...41ddfa207177ad5

 

Clown of the Day Spreading the Coin Miner Malware goes to:

 

Spoiler

 

Full Analysis ON the INFECTED version

 

~ "WEXTRACT.exe" is the original file name

~ Description "Internet Explorer" (spoofed file details)

~ Its a Cabinet file so when extracting it now gives us two EXEs (Brw0C.exe) & (GANG.exe)

~ Gang.exe seems to be legit "Brw0C.exe" is not , it is also 700+ mb

~ Uses MPRESS packer

~ Runs as Admin executes Powershell

~ Drops files in the %AppData% Roaming Folder under "WindowsElements" folder

~ Files Dropped "Kapow.zip" , "DesktopSessionManager.exe" , "AntimalwareService.exe"

~ In the "Kapow" folder it has a file called "GPUMonitor.exe"

 

https://imgur.com/a/Mkf0c2n

 

Bin Scans:

Spoiler

WEXTRACT.exe:

https://www.virustotal.com/gui/file/715683700d7a4e514a44eca770fff7295af7f4327f3a852ddb8e8cb05cbf4a0b?nocache=1

https://www.virustotal.com/gui/file/d59f316336a4544ec85e9733381e69ee4766e2471e411978261dc9872bf54012?nocache=1

DesktopSessionManager.exe:

https://www.virustotal.com/gui/file/89ae08a7390f0d70aada33a53aca02021045166680060d6eadc694f0d5193c25?nocache=1



AntimalwareService.exe:

https://www.virustotal.com/gui/file/4813deccec566bad786cfea9896b1e4add2a1ca29cc4b1fc7a7273113e2ff6c2?nocache=1

https://imgur.com/a/Mkf0c2n

 

[Majmuneee11]

 

Im going to start a new thing for every infected thread , ASSUMING it has the clean BINs binded to it

I will reupload the the Content but the CLEAN Version.

Now it wont always be possible as some dont have the Binded Bins or are just plain out all infected

 

This Sample was Binded as a Windows .CAB or Cabinet File Upon Extraction you will get the Infected Bins and Non Infected Bins

 

Once Executed , Select option "1" enter a Random key

Once Greeted with the Logo Screen click Enter.

 

 

===========================================================

Downloads

===========================================================

 

Zippyshare

 

 

AnonFiles

 

 

MirrorAce

 

 

MultiUp

 

 

 

REAL VT Bin Scan:

https://www.virustot...41ddfa207177ad5

 

Clown of the Day Spreading the Coin Miner Malware goes to:

 

Spoiler

 

Full Analysis ON the INFECTED version

 

~ "WEXTRACT.exe" is the original file name

~ Description "Internet Explorer" (spoofed file details)

~ Its a Cabinet file so when extracting it now gives us two EXEs (Brw0C.exe) & (GANG.exe)

~ Gang.exe seems to be legit "Brw0C.exe" is not , it is also 700+ mb

~ Uses MPRESS packer

~ Runs as Admin executes Powershell

~ Drops files in the %AppData% Roaming Folder under "WindowsElements" folder

~ Files Dropped "Kapow.zip" , "DesktopSessionManager.exe" , "AntimalwareService.exe"

~ In the "Kapow" folder it has a file called "GPUMonitor.exe"

 

https://imgur.com/a/Mkf0c2n

 

Bin Scans:

Spoiler

WEXTRACT.exe:

https://www.virustotal.com/gui/file/715683700d7a4e514a44eca770fff7295af7f4327f3a852ddb8e8cb05cbf4a0b?nocache=1

https://www.virustotal.com/gui/file/d59f316336a4544ec85e9733381e69ee4766e2471e411978261dc9872bf54012?nocache=1

DesktopSessionManager.exe:

https://www.virustotal.com/gui/file/89ae08a7390f0d70aada33a53aca02021045166680060d6eadc694f0d5193c25?nocache=1



AntimalwareService.exe:

https://www.virustotal.com/gui/file/4813deccec566bad786cfea9896b1e4add2a1ca29cc4b1fc7a7273113e2ff6c2?nocache=1

https://imgur.com/a/Mkf0c2n

 

[naixttvc]

thanks ig

[Threats]

thanks matee

[Threats]

thanks matee

[Nicetoeatyou]

great one thanks boss

[YesimHP]

unl9cking

[Indys]

?

[seanmosley442]

thx m8

[iwantlinks2use]

iwantlinks2use