Coded in Lazarus (Pascal)
Code is fully relocatable (Shellcode)
Uses custom CRC32 API loader
Uses BeaEngine Disassembler for x86 and x64
Uses named pipes for inter-process communication
Multpiple layers of encryption and compression
Global Ring 3 rootkit
No own process
No dependencies (Only standard system DLLs)
Multiple Anti-Debug methods
Unique Server->Bot traffic encryption
Anti bot installation
Internet Explorer Formgrabber
Mozilla FireFox Formgrabber
Google Chrome Formgrabber
FTP and POP3 Grabber
Update and Download System
MD5 Verified Update and Download System
Reverse Socks 5
Browse URL (Visible)
Browse URL (Hidden)
Note: GetAntiVirus.bin & MessageBox.bin cause crashing issues!
Known Issues & Fixes
-Bot online then immediately disconnects
(Fix)Two issues cause this.
First is GetAntiVirus.bin & MessageBox.bin disable them they cause injection issues!
Second is crypting the bot with 2 domains set causes the file to copy itself exponentially!
-Formgrabber produces thousands of logs
I'm gonna check it out after this thread and update back with a fix
I haven't had a chance to see if any of the plugins are actually doing what they're supposed to. I will check it out after this thread is done and report back.
I'm still messing around with this a lot, if anyone finds anything i haven't stated PM me and i will take a look.
I take no credit for this bot, it was neither coded or cracked by me. I'm posting it to stop kids from wasting money and getting scammed by other members.
It is leaked and on various forums and the owner is no longer selling it.
If anyone needs help setting up or getting a host that allows it just PM me and i'll help you out.