Статус
В этой теме нельзя размещать новые ответы.

SecureAgent

Пользователь

  • 18.11.2022
  • 6
  • 0
  • 3
  • 0 руб.
  • 0 $
SecureAgent не предоставил(а) никакой дополнительной информации.
3.png



BIT LOADER
ShowCase -
Sellix -

Silent, hidden malware downloader.
Build your own powerful FUD encrypted stub for your RAT / Remote Administrator Tools.

BIT LOADER is a program to convert your RAT .NET stub signature into a full rank rootkit.
Note about rootkit :=
The term Rootkit historically came from the world of UNIX, and this term refers to a set of utilities or a special kernel module that an attacker installs on a computer system that he has hacked immediately after gaining superuser rights. This set, as a rule, includes various utilities for "covering the tracks" of an intrusion into the system, making sniffers, scanners, keyloggers, Trojans invisible, replacing the main UNIX utilities (in the case of a non-nuclear rootkit). Rootkit allows an attacker to gain a foothold in a compromised system and hide traces of their activities by hiding files, processes, and the very presence of a rootkit in the system.

Architecture
BIT LOADER - as of 2023 only supports .NET signature stubs, c/c++ language signatures are not supported

BIT LOADER provides basic functions such as spoofer, multi-app-binder, size substitution for a particular stub

Bypass UAC with iscsicpl
Iscsicpl.exe binary is vulnerable to vulnerability
intercepting the search order of a DLL when running a 32-bit Microsoft binary on a 64-bit host via SysWOW64.
This allows you to covertly and discreetly bypass UAC protection.

PROCESS C_BSOD - This feature is very strong and has burst and response attributes under
your stub process {NtSetInformationProcess}
{NtSetInformationProcess} - created under the process of your
stubs and when shutting down the stub process calls
blue screen of death, which causes a reboot, it is installed under the stub process completely hidden

Critical hiding level - This function will turn a regular file into a system-hidden file by changing its article link number to a number between 2 and -2 reserved by the file system. This makes the file invisible and protected from modification. Invisible means that neither the tool explorer nor the dir command will see it. However, the file system treats it as a system file and thus prevents any file with that name from being written to that location. It's like when you try to create a file called $MFT at the root of a volume something like curling a file with $name (r77( )), which the file system won't let you The only way to modify this file is to write it in a hex editor to a physical disk, but even this requires demodifying the file in such a way that it appears before your eyes

Windows Defender exclusions - With this feature, your file will be added to the allowed threats, which will prevent files from being scanned
It is worth considering that most commercial antiviruses do not detect NOT allowed threats, and thus will prevent scanning from all antiviruses in the system.

Task Scheduler Explosion - This feature causes the task scheduler to be perv-shutdown while your stub is running.
Under the stub there are also two subprocesses that load the stub when a specific selected file is opened.
The execution structure is fault tolerant due to the fact that all compute nodes participate in the process of sending and processing jobs, this causes an explosion in the task scheduler due to a huge load, with which it is turned off
UnHook is planned to be added in the future

Skip all virtual spaces - these functions allow you to prevent running in a virtual machine, Bit Loader also has decompiler detection functions, if the stub is tried to be decompiled, it will be launched from the hidden zone due to compilation load

And much more awaits you in BIT LOADER....

GetSession ID - 05606b57562c2fe658710e669470eac28e7836c78f7899032219a9fdc636d1ed70

I do not use any other social networks, and never have, my thinking is based on the fact that 🖕telegram🖕 is an application that abuses the data of other users, so be aware that all posts,
accounts, channels that do not belong to GetSession ( ) , may be the last ones seen, your
money could fall into the wrong hands if you're not careful


Support for .NET stubs
Setting multiple paths to inject
Silent UAC Bypass
Task Scheduler Explosion
Critical hiding level
Deleting restore points
Adding to Windows Defender exclusions
BSOD protector
Don't let me sleep
Delete loader after unloading
Process resurrection
Disable critical hiding, hides normally
Critical FUD (not always)
Run through time (pointer)
Fake message
Kill the botnet
Skip vps servers
Skip the sandbox
Set properties
Set icon
Skip virtual environments
Running a stub on debug
Kill bots
x64 / NET 2.0 / NET 4.0 architecture support
Multi Binder App
Low entropy packing
Set fake file extension​
 
Статус
В этой теме нельзя размещать новые ответы.
Сверху Снизу