THANKS SO MUCH
GANG-NUKER 2.0 Cracked | DISCORD MULTI TOOL | Cleaned by ObbedCode
#384
Posted 08 July 2023 - 04:59 PM
#388
Posted 11 July 2023 - 11:55 AM
I'm going to start a new thing for every infected thread, ASSUMING it has the clean BINs binded to it
I will reupload the Content but the CLEAN Version.
Now it won't always be possible as some don't have the Binded Bins or are just plain out all infected
This Sample was Binded as a Windows .CAB or Cabinet File. Upon Extraction you will get the Infected Bins and Non Infected Bins
Once Executed, Select option "1" and enter a Random key
Once Greeted with the Logo Screen click Enter.
===========================================================
Downloads
===========================================================
Zippyshare
AnonFiles
MirrorAce
MultiUp
REAL VT Bin Scan:
https://www.virustot...41ddfa207177ad5
Clown of the Day Spreading the Coin Miner Malware goes to:
Full Analysis ON the INFECTED version
~ "WEXTRACT.exe" is the original file name
~ Description "Internet Explorer" (spoofed file details)
~ It's a Cabinet file so when extracting it now gives us two EXEs (Brw0C.exe) & (GANG.exe)
~ Gang.exe seems to be legit, "Brw0C.exe" is not, it is also 700+ MB
~ Uses MPRESS packer
~ Runs as Admin, executes PowerShell
~ Drops files in the %AppData% Roaming Folder under "WindowsElements" folder
~ Files Dropped "Kapow.zip", "DesktopSessionManager.exe", "AntimalwareService.exe"
~ In the "Kapow" folder it has a file called "GPUMonitor.exe"
Bin Scans:
Spoiler
#389
Posted 11 July 2023 - 12:13 PM
I'm going to start a new thing for every infected thread, assuming it has the clean BINs bound to it
I will reupload the content, but the CLEAN version.
Now, it won't always be possible, as some don't have the bound bins or are just completely infected.
This sample was bound as a Windows .CAB or Cabinet file. Upon extraction you will get the infected bins and the non-infected bins
Once executed, select option "1", enter a random key
Once greeted with the logo screen, click Enter.
===========================================================
Downloads
===========================================================
Zippyshare
[hide] https://www22.zippys...Q41nk/file.html [/hide]
AnonFiles
[hide] https://anonfiles.co...gangcracked_zip [/hide]
MirrorAce
[hide] https://mirrorace.org/m/1Ne6k [/hide]
MultiUp
[hide] https://multiup.org/...2227f863a231e65 [/hide]
REAL VT Bin Scan:
https://www.virustot...41ddfa207177ad5
Clown of the Day Spreading the Coin Miner Malware goes to:
Full Analysis ON the INFECTED version
~ "WEXTRACT.exe" is the original file name
~ Description "Internet Explorer" (spoofed file details)
~ It's a Cabinet file so when extracting it now gives us two EXEs (Brw0C.exe) & (GANG.exe)
~ Gang.exe seems to be legit, "Brw0C.exe" is not, it is also 700+ MB
~ Uses MPRESS packer
~ Runs as Admin, executes PowerShell
~ Drops files in the %AppData% Roaming Folder under "WindowsElements" folder
~ Files Dropped "Kapow.zip", "DesktopSessionManager.exe", "AntimalwareService.exe"
~ In the "Kapow" folder it has a file called "GPUMonitor.exe"
Bin Scans:
[spoiler]
WEXTRACT.exe: https://www.virustotal.com/gui/file/715683700d7a4e514a44eca770fff7295af7f4327f3a852ddb8e8cb05cbf4a0b?nocache=1
https://www.virustotal.com/gui/file/d59f316336a4544ec85e9733381e69ee4766e2471e411978261dc9872bf54012?nocache=1
DesktopSessionManager.exe: https://www.virustotal.com/gui/file/89ae08a7390f0d70aada33a53aca02021045166680060d6eadc694f0d5193c25?nocache=1
AntimalwareService.exe: https://www.virustotal.com/gui/file/4813deccec566bad786cfea9896b1e4add2a1ca29cc4b1fc7a7273113e2ff6c2?nocache=1
https://imgur.com/a/Mkf0c2n
[/spoiler]
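The indicators listed in the analysis above can be turned into a host triage check. The following is an added example, not code from the thread or its posters: it looks under a Roaming AppData directory for the "WindowsElements" drop folder and the dropped file names, and parses PE section headers to flag MPRESS packing. The function names, the `.MPRESS1`/`.MPRESS2` section-name convention and the header-only test PE are assumptions of this example.

```python
import os
import struct

# Indicators taken from the analysis in the post above.
DROP_DIR = "WindowsElements"
DROPPED = {"kapow.zip", "desktopsessionmanager.exe", "antimalwareservice.exe", "gpumonitor.exe"}

def constructed_pe(names):
    """Build a minimal header-only PE for testing (constructed sample, not malware)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, len(names), 0, 0, 0, 0, 0)
    return dos + coff + b"".join(n.encode().ljust(40, b"\0") for n in names)

def pe_section_names(data):
    """Return the section names of a PE image, or [] if it is not a valid PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0" or len(data) < pe_off + 24:
        return []
    n_sections, = struct.unpack_from("<H", data, pe_off + 6)
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)
    table = pe_off + 24 + opt_size          # section table follows the optional header
    names = []
    for i in range(n_sections):
        raw = data[table + 40 * i: table + 40 * i + 8]
        if len(raw) < 8:
            break                           # truncated section table
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names

def is_mpress_packed(data):
    # Assumption: MPRESS names its sections .MPRESS1 / .MPRESS2.
    return any(n.upper().startswith(".MPRESS") for n in pe_section_names(data))

def triage(roaming):
    """Return sorted (finding, relative path) pairs for files under the drop folder."""
    findings = []
    for dirpath, _dirs, files in os.walk(os.path.join(roaming, DROP_DIR)):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, roaming)
            if name.lower() in DROPPED:
                findings.append(("dropped-name", rel))
            with open(path, "rb") as fh:
                if is_mpress_packed(fh.read(4096)):   # headers fit in the first 4 KiB
                    findings.append(("mpress", rel))
    return sorted(findings)
```

On a live host, pass the user's Roaming path (for example the value of `%AppData%`) to `triage`; file names alone are weak indicators, so treat a hit as a reason to check hashes and process activity.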