o1oo1
Member
- Messages
- 2
- Reaction score
- 0
- Points
- 1
ALL MAJOR BOTS / STEALERS SUPPORTED (can always contact to test another software you want supported)
EACH STUB IS UNIQUE. NO STUBS ARE SOLD TO MULTIPLE CUSTOMERS
MAIN FEATURES:
VERY long FUD time, with quick re-cleaning when needed
TOTALLY CLEAN ALL SCANTIME / RUNTIME / CLOUD / ON-DOWNLOAD
ALL INTENSE MEMORY SCANS FULLY BYPASSED FOR EVERY SOFTWARE
SMALL STUB SIZE (as low as 50kb)
32bit / 64bit Stubs
ALL Stubs can load x64/x86/all .NET, DOES NOT MATTER if the stub is 32bit or 64bit, they can all load anything
SUPPORT ALL .NET (32bit/64bit)
full fud on all runtime with remcos
THE STUB HAS NO DEPENDENCIES, ITS PURE C
REMCOS - ESET Premium Security 2023
REMCOS - Avast Internet Security 2023
REMCOS - Kaspersky Internet Security 2023
REMCOS - Windows Defender 2023
Basic functions:
x64/x86/all .NET files supported
icon support
multi-file binding support (execution on first run only or every run) GLUE EXE + EXE
direct payload obfuscation
melt added (for static / EV)
ev builds can now self-install
diversity and quality of stubs improved significantly
pump options (correct file enlargement without detection)
clone certificate / clone version info / clone icon
Load method:
stealth: custom loading method is used which involves creating a new process
invisible: no process created, its a very stealthy loading method. only use if stealth method is causing issues
Inject Target: this is the name of the windows process that will be injected into (explorer.exe, cmd.exe, ftp.exe, certutil.exe, werfault.exe are all valid)
Startup: Name: name of the installed .exe. Any name is valid
Startup: Directory Name: name of the directory that holds installed .exe
Startup: Directory Path: Path in Windows where startup is installed
Startup: Method: Method used to launch file with Windows
Single-instance
Major changes:
- Persistence options added
- New startup method added (Task scheduler)
- Image data is now always in a valid PNG, so using professional sites like photobucket/imageshack are fine to use
- Added ability to disable injection, so the payload loads very stealthy inside an EV signed process (or static stub if you choose)
- Added Command Line Forwarding, now all command lines are forwarded (including startup commandline)
Minor changes:
- Now a mega.nz download link is provided for all stubs, so if a stub fails to download on TOR, just download it manually and put it in the 'stubs' folder (Link provided on the Stubs panel)
- Added a Low Entropy option for Pump Options. This allows the user to pump a file with data which can be compressed heavily, preventing submission to analysis services like virustotal without increasing the payload size
TEST INTERNET ON
Lumma https://scanner.to/result/ApMQahUdih
Vidar https://scanner.to/result/JLUufhGxVG
Remcos https://scanner.to/result/eOA9gF7hWe
loader Amadeus https://scanner.to/result/5nK3lj72Jt
EDR Amadeus https://scanner.to/result_EDR/aUx063tMzl
DanaBot https://scanner.to/result/fcC1IyPcoA
Remcos EDR https://scanner.to/result_EDR/VjLKHgHhtD
First 5 clients with 15+ reputation get free software for a test period of 2 days per review. Please write your requests to develop new features
Subscription price $3000 / month
Feedback https://forum.exploit.in/topic/226528/
ALWAYS BYPASS WINDOWS DEFENDER, CLOUD IN SCANTIME, RUNTIME
BYPASS SMARTSCREEN
BYPASS GOOGLECHROME
Telegram: https://t.me/HelpBot777
Jabber: araks@exploit.im
EACH STUB IS UNIQUE. NO STUBS ARE SOLD TO MULTIPLE CUSTOMERS
MAIN FEATURES:
VERY long FUD time, with quick re-cleaning when needed
TOTALLY CLEAN ALL SCANTIME / RUNTIME / CLOUD / ON-DOWNLOAD
ALL INTENSE MEMORY SCANS FULLY BYPASSED FOR EVERY SOFTWARE
SMALL STUB SIZE (as low as 50kb)
32bit / 64bit Stubs
ALL Stubs can load x64/x86/all .NET, DOES NOT MATTER if the stub is 32bit or 64bit, they can all load anything
SUPPORT ALL .NET (32bit/64bit)
full fud on all runtime with remcos
THE STUB HAS NO DEPENDENCIES, ITS PURE C
REMCOS - ESET Premium Security 2023
REMCOS - Avast Internet Security 2023
REMCOS - Kaspersky Internet Security 2023
REMCOS - Windows Defender 2023
Basic functions:
x64/x86/all .NET files supported
icon support
multi-file binding support (execution on first run only or every run) GLUE EXE + EXE
direct payload obfuscation
melt added (for static / EV)
ev builds can now self-install
diversity and quality of stubs improved significantly
pump options (correct file enlargement without detection)
clone certificate / clone version info / clone icon
Load method:
stealth: custom loading method is used which involves creating a new process
invisible: no process created, its a very stealthy loading method. only use if stealth method is causing issues
Inject Target: this is the name of the windows process that will be injected into (explorer.exe, cmd.exe, ftp.exe, certutil.exe, werfault.exe are all valid)
Startup: Name: name of the installed .exe. Any name is valid
Startup: Directory Name: name of the directory that holds installed .exe
Startup: Directory Path: Path in Windows where startup is installed
Startup: Method: Method used to launch file with Windows
Single-instance
Major changes:
- Persistence options added
- New startup method added (Task scheduler)
- Image data is now always in a valid PNG, so using professional sites like photobucket/imageshack are fine to use
- Added ability to disable injection, so the payload loads very stealthy inside an EV signed process (or static stub if you choose)
- Added Command Line Forwarding, now all command lines are forwarded (including startup commandline)
Minor changes:
- Now a mega.nz download link is provided for all stubs, so if a stub fails to download on TOR, just download it manually and put it in the 'stubs' folder (Link provided on the Stubs panel)
- Added a Low Entropy option for Pump Options. This allows the user to pump a file with data which can be compressed heavily, preventing submission to analysis services like virustotal without increasing the payload size
TEST INTERNET ON
Lumma https://scanner.to/result/ApMQahUdih
Vidar https://scanner.to/result/JLUufhGxVG
Remcos https://scanner.to/result/eOA9gF7hWe
loader Amadeus https://scanner.to/result/5nK3lj72Jt
EDR Amadeus https://scanner.to/result_EDR/aUx063tMzl
DanaBot https://scanner.to/result/fcC1IyPcoA
Remcos EDR https://scanner.to/result_EDR/VjLKHgHhtD
First 5 clients with 15+ reputation get free software for a test period of 2 days per review. Please write your requests to develop new features
Subscription price $3000 / month
Feedback https://forum.exploit.in/topic/226528/
ALWAYS BYPASS WINDOWS DEFENDER, CLOUD IN SCANTIME, RUNTIME
BYPASS SMARTSCREEN
BYPASS GOOGLECHROME
Telegram: https://t.me/HelpBot777
Jabber: araks@exploit.im
Last edited:
