The guy has literally committed suicide here.
Now let's just think with an ordinary person's common sense; open your mind and think.
How is a logger that only asks for an e-mail address going to send the logs?
When you press the Create button you get "server could not be created" X. All he made is 1 LABEL, 1 BUTTON. Code: Msgbox("SERVER OLUŞTURULAMADI")
frkk.exe
ScriptS.exe
stub.exe
The files bundled with the binder
System32, and a request for wide-ranging control? Why would a logger want unlimited rights?
BACKDOOR!
ORIGINAL MD5: 4A1CB1B3FE44862577705F762BC7137E
SCAN RESULT: 1d428a4313c725a3f9dd11e8cd75b735
They don't match..
Anyone who doesn't believe it can open it in a hex editor and look at the code.
QUOTE: So what's the result? I achieved 96% success.
Since I'm not afraid of antiviruses, I scanned it on VirusTotal.
I told you I was lazy, didn't I?
I didn't add a screenshot.
I didn't change the version or the icon either; there's no harm in you changing them.
You can get it past Nod32 this way, but it won't get past Avira.
With 5 minutes of effort you can achieve 98% success..
If I don't get lazy, I'll get the next version past Nod32 and post it. Do you think a guy with this level of intelligence