Home
Upgrade
Credits
Search
Awards
Auth
Vouches
ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!

Jump to content

Home Upgrade Credits Search Awards Auth Vouches
Sign In
Create Account


Photo

GANG-NUKER 2.0 Cracked | DISCORD MULTI TOOL | Cleaned by ObbedCode

Started By ObbedCode, Oct 25 2022 10:11 PM

  • Please log in to reply
GANG-NUKER 2.0 Cracked | DISCORD MULTI TOOL | Cleaned by ObbedCode

#501
Posted 20 April 2024 - 10:42 AM

bermadia
bermadia
    Offline
    0
    Rep
    1
    Likes

    New Member

Posts: 14
Threads: 0
Joined: Apr 20, 2024
Credits: 0
Half year registered
#501
Posted 20 April 2024 - 10:42 AM

 

Im going to start a new thing for every infected thread , ASSUMING it has the clean BINs binded to it

I will reupload the the Content but the CLEAN Version.

Now it wont always be possible as some dont have the Binded Bins or are just plain out all infected :(

 

This Sample was Binded as a Windows .CAB or Cabinet File Upon Extraction you will get the Infected Bins and Non Infected Bins

 

Once Executed , Select option "1" enter a Random key

Once Greeted with the Logo Screen click Enter.

 

cW4YOgm.png

 

===========================================================

Downloads

===========================================================

 

Zippyshare

 

 

AnonFiles

 

 

MirrorAce

 

 

MultiUp

 

 

 

REAL VT Bin Scan:

https://www.virustot...41ddfa207177ad5

 

Clown of the Day Spreading the Coin Miner Malware goes to:

 

Spoiler

Full Analysis ON the INFECTED version

 

~ "WEXTRACT.exe" is the original file name

~ Description "Internet Explorer" (spoofed file details)

~ Its a Cabinet file so when extracting it now gives us two EXEs (Brw0C.exe) & (GANG.exe)

~ Gang.exe seems to be legit "Brw0C.exe" is not , it is also 700+ mb

~ Uses MPRESS packer

~ Runs as Admin executes Powershell

~ Drops files in the %AppData% Roaming Folder under "WindowsElements" folder

~ Files Dropped "Kapow.zip" , "DesktopSessionManager.exe" , "AntimalwareService.exe"

~ In the "Kapow" folder it has a file called "GPUMonitor.exe"

 

https://imgur.com/a/Mkf0c2n

 

Bin Scans:

Spoiler

 

 

 

Im going to start a new thing for every infected thread , ASSUMING it has the clean BINs binded to it

I will reupload the the Content but the CLEAN Version.

Now it wont always be possible as some dont have the Binded Bins or are just plain out all infected :(

 

This Sample was Binded as a Windows .CAB or Cabinet File Upon Extraction you will get the Infected Bins and Non Infected Bins

 

Once Executed , Select option "1" enter a Random key

Once Greeted with the Logo Screen click Enter.

 

cW4YOgm.png

 

===========================================================

Downloads

===========================================================

 

Zippyshare

 

 

AnonFiles

 

 

MirrorAce

 

 

MultiUp

 

 

 

REAL VT Bin Scan:

https://www.virustot...41ddfa207177ad5

 

Clown of the Day Spreading the Coin Miner Malware goes to:

 

Spoiler

Full Analysis ON the INFECTED version

 

~ "WEXTRACT.exe" is the original file name

~ Description "Internet Explorer" (spoofed file details)

~ Its a Cabinet file so when extracting it now gives us two EXEs (Brw0C.exe) & (GANG.exe)

~ Gang.exe seems to be legit "Brw0C.exe" is not , it is also 700+ mb

~ Uses MPRESS packer

~ Runs as Admin executes Powershell

~ Drops files in the %AppData% Roaming Folder under "WindowsElements" folder

~ Files Dropped "Kapow.zip" , "DesktopSessionManager.exe" , "AntimalwareService.exe"

~ In the "Kapow" folder it has a file called "GPUMonitor.exe"

 

https://imgur.com/a/Mkf0c2n

 

Bin Scans:

Spoiler

 


  • 0

#502
Posted 22 April 2024 - 08:57 AM

hardstrax
hardstrax
    Offline
    0
    Rep
    0
    Likes

    podzhigatel

Posts: 14
Threads: 1
Joined: Apr 11, 2024
Credits: 0
Half year registered
#502
Posted 22 April 2024 - 08:57 AM

Nice 

 


  • 0

 

 

#503
Posted 24 April 2024 - 09:50 AM

ryzerrr30
ryzerrr30
    Offline
    0
    Rep
    0
    Likes

    Lurker

Posts: 3
Threads: 0
Joined: Apr 24, 2024
Credits: 0
Half year registered
#503
Posted 24 April 2024 - 09:50 AM

tyyyyyyyyyy


  • 0

#504
Posted 24 April 2024 - 10:44 AM

DoffyJwns
DoffyJwns
    Offline
    0
    Rep
    0
    Likes

    MAWFAKER

Posts: 36
Threads: 0
Joined: Feb 18, 2023
Credits: 0

One year registered
#504
Posted 24 April 2024 - 10:44 AM
This is gold

  • 0

#505
Posted 26 April 2024 - 06:40 PM

Sunet
Sunet
    Offline
    0
    Rep
    0
    Likes

    Lurker

Posts: 1
Threads: 0
Joined: Apr 26, 2024
Credits: 0
Half year registered
#505
Posted 26 April 2024 - 06:40 PM

a


  • 0

#506
Posted 29 April 2024 - 11:18 PM

Wawawaw12334
Wawawaw12334
    Offline
    0
    Rep
    0
    Likes

    Member

  • PipPipPip
Posts: 34
Threads: 0
Joined: Apr 25, 2024
Credits: 0

Half year registered
#506
Posted 29 April 2024 - 11:18 PM

ty


  • 0

#507
Posted 02 May 2024 - 03:17 AM

hirmano
hirmano
    Offline
    0
    Rep
    0
    Likes

    New Member

Posts: 19
Threads: 0
Joined: Aug 16, 2022
Credits: 0
Two years registered
#507
Posted 02 May 2024 - 03:17 AM

tyyyyyyyyyyyyyyyyyyyy


  • 0

#508
Posted 12 May 2024 - 04:33 AM

sDGGaSFFSaf
sDGGaSFFSaf
    Offline
    0
    Rep
    0
    Likes

    Lurker

Posts: 1
Threads: 0
Joined: May 12, 2024
Credits: 0
Half year registered
#508
Posted 12 May 2024 - 04:33 AM

no way thank you

 


  • 0

#509
Posted 12 May 2024 - 04:35 AM

davidbransom
davidbransom
    Offline
    0
    Rep
    1
    Likes

    New Member

Posts: 24
Threads: 0
Joined: May 12, 2024
Credits: 0
Half year registered
#509
Posted 12 May 2024 - 04:35 AM

thanks for this !


  • 0

#510
Posted 15 May 2024 - 09:02 PM

ranger389
ranger389
    Offline
    0
    Rep
    0
    Likes

    New Member

Posts: 17
Threads: 0
Joined: Aug 16, 2023
Credits: 0
One year registered
#510
Posted 15 May 2024 - 09:02 PM

 

Im going to start a new thing for every infected thread , ASSUMING it has the clean BINs binded to it

I will reupload the the Content but the CLEAN Version.

Now it wont always be possible as some dont have the Binded Bins or are just plain out all infected :(

 

This Sample was Binded as a Windows .CAB or Cabinet File Upon Extraction you will get the Infected Bins and Non Infected Bins

 

Once Executed , Select option "1" enter a Random key

Once Greeted with the Logo Screen click Enter.

 

cW4YOgm.png

 

===========================================================

Downloads

===========================================================

 

Zippyshare

 

 

AnonFiles

 

 

MirrorAce

 

 

MultiUp

 

 

 

REAL VT Bin Scan:

https://www.virustot...41ddfa207177ad5

 

Clown of the Day Spreading the Coin Miner Malware goes to:

 

Spoiler

Full Analysis ON the INFECTED version

 

~ "WEXTRACT.exe" is the original file name

~ Description "Internet Explorer" (spoofed file details)

~ Its a Cabinet file so when extracting it now gives us two EXEs (Brw0C.exe) & (GANG.exe)

~ Gang.exe seems to be legit "Brw0C.exe" is not , it is also 700+ mb

~ Uses MPRESS packer

~ Runs as Admin executes Powershell

~ Drops files in the %AppData% Roaming Folder under "WindowsElements" folder

~ Files Dropped "Kapow.zip" , "DesktopSessionManager.exe" , "AntimalwareService.exe"

~ In the "Kapow" folder it has a file called "GPUMonitor.exe"

 

https://imgur.com/a/Mkf0c2n

 

Bin Scans:

Spoiler

 

ty


  • 0
Back to Cracking Tools

 Users browsing this thread:

  1. Nulled
  2. Cracking
  3. Cracking Tools