Detailed Features
- Credential Theft: Steals login details from apps like FileZilla, Skype, Telegram, and Steam, targeting files such as "sitemanager.xml" and "loginusers.vdf".
- Cryptocurrency Targeting: Extracts data from Bitcoin, Monero, and other cryptocurrency wallets, enabling theft of digital assets.
- Clipboard Monitoring: Captures text from the clipboard, potentially exposing sensitive copied data like passwords.
- Webcam Snapshots: Secretly takes webcam images to spy on victims, compromising privacy.
- Desktop Screenshots: Captures desktop snapshots to gather visual data from the victim's system.
- System Information Collection: Gathers hardware, software, and process details using WMI queries like "Select * from Win32_ComputerSystem".
- Anti-Detection Techniques: Checks for antivirus tools and virtual machines, terminating if detected to avoid analysis.
- Data Exfiltration: Zips stolen data and uploads it to a remote server, such as "f0429164.xsph.run/Panel/gate.php".
- Spear-Phishing Delivery: Spreads via malicious email attachments, often disguised as legitimate files like "Minecraft how to play guide.docm".
- Backdoor Creation: Modifies system settings to enable remote access and additional malware installation.
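As an added example that is not part of the original report, the following Python script turns the host and network indicators in the feature list above (the FileZilla and Steam credential files, wallet directories, the `Win32_ComputerSystem` WMI query, and the `/Panel/gate.php` upload endpoint) into a per-process scoring rule run over constructed endpoint events. The event schema, the sample events and the rule weights are assumptions for illustration.

```python
import re

# Constructed sample events (not real telemetry). The schema is an assumed,
# simplified EDR/Sysmon export: event type, originating process, target string.
SAMPLE_EVENTS = [
    {"type": "file_read", "process": "WINWORD.EXE",
     "target": r"C:\Users\alice\AppData\Roaming\FileZilla\sitemanager.xml"},
    {"type": "file_read", "process": "svchost.exe",
     "target": r"C:\Windows\System32\drivers\etc\hosts"},
    {"type": "file_read", "process": "updater.exe",
     "target": r"C:\Program Files (x86)\Steam\config\loginusers.vdf"},
    {"type": "file_read", "process": "updater.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Bitcoin\wallet.dat"},
    {"type": "wmi_query", "process": "updater.exe",
     "target": "Select * from Win32_ComputerSystem"},
    {"type": "http_post", "process": "updater.exe",
     "target": "http://f0429164.xsph.run/Panel/gate.php"},
    {"type": "http_post", "process": "chrome.exe",
     "target": "https://example.org/api/upload"},
]

# Detection rules derived from the feature list: (event type, pattern, weight).
# Weights are assumptions: a lone WMI inventory query is common in benign
# software, so it scores low; the known exfiltration path scores high.
RULES = [
    ("file_read", re.compile(r"\\(sitemanager\.xml|loginusers\.vdf)$", re.I), 3),
    ("file_read", re.compile(r"\\(bitcoin|monero)\\", re.I), 3),
    ("wmi_query", re.compile(r"^select\s+\*\s+from\s+win32_computersystem", re.I), 1),
    ("http_post", re.compile(r"/Panel/gate\.php$", re.I), 4),
]


def score_events(events):
    """Return {process: (score, [matched event descriptions])} for processes
    that triggered at least one rule, summing weights across matches."""
    hits = {}
    for ev in events:
        for etype, pattern, weight in RULES:
            if ev["type"] == etype and pattern.search(ev["target"]):
                score, reasons = hits.get(ev["process"], (0, []))
                hits[ev["process"]] = (score + weight, reasons + [f"{etype}: {ev['target']}"])
    return hits


def flagged_processes(events, threshold=4):
    """Processes whose combined score reaches the alert threshold (assumed value)."""
    return sorted(p for p, (s, _) in score_events(events).items() if s >= threshold)


if __name__ == "__main__":
    for proc, (score, reasons) in score_events(SAMPLE_EVENTS).items():
        print(f"{proc}: score={score}")
        for r in reasons:
            print(f"    {r}")
    print("flagged:", flagged_processes(SAMPLE_EVENTS))
```

Combining weak signals per process is what separates the stealer from a legitimate inventory tool that only issues the WMI query, or a Word process that merely opens a configuration file.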