Windows Stealer

Best private stealer on the market

📖 Basic description

The software collects personal and general device data for authorisation purposes. It features a practical web panel with a minimalistic design and a clear log structure. The build is written in C++ and has a weight of 600 Kb. Linking is static, and DLLs are not pulled from the server. The server-side log decoding is also included. The communication with the C2 server is established through a proprietary protocol that operates on top of TCP. The data collection includes 100 browsers and 100 crypto-wallets, which encompass both cryptocurrency and desktop wallets stored on the device. Additionally, Steam files are collected, along with 2 Telegram clients (tdata folders) and 5 Discord clients. The Discord token is decrypted and saved. There are 27 different password managers available. The logs are encrypted and stored on your servers. To use them, you will need to purchase a VDS.

Stealer collection functionality:

Data from 106 browsers;
Data from 107 cryptocurrency wallets;
Any FileGrabber extensions;
Environment variables;
Installed software;
Windows Credential Manager and Windows Vault;
Browser history of the infected device;
Infected device's browser bookmarks;
Browser autocomplete fields;
Data from 2 Telegram clients;
Steam folder;
Discord tokens;
Data from 27 password managers;
OpenVpn configurations;
Outlook;
Loader;
Google tokens;

Chromium browsers

Google Chrome, Google Chrome Beta, Google Chrome (x86), Google Chrome SxS, 360ChromeX, Chromium, Microsoft Edge, Brave Browser, Epic Privacy Browser, Amigo, Vivaldi, Kometa, Orbitum, Mail.Ru Atom, Comodo Dragon, Torch, Comodo, Slimjet, 360Browser, 360 Secure Browser, Maxthon3, Maxthon5, Maxthon, QQBrowser, K-Meleon, Xpom, Lenovo Browser, Xvast, Go! Safer Secure Browser, Sputnik, Nichrome, CocCoc Browser, Uran, Chromodo, Yandex Browser, 7Star, Chedot, CentBrowser, Iridium, Opera Stable, Opera Neon, Opera Crypto Developer, Opera GX, Elements Browser, Citrio, Sleipnir5 ChromiumViewer, QIP Surf, Liebao, Coowon, ChromePlus, Rafotech Mustang, Suhba, TorBro, RockMelt, Bromium, Twinkstar, CCleaner Browser, AcWebBrowser, CoolNovo, Baidu Spark, SRWare Iron, Titan Browser, AVAST Browser, AVG Browser, UCBrowser, URBrowser, Blisk, Flock, CryptoTab Browser, SwingBrowser, Sidekick, Superbird, SalamWeb, GhostBrowser, NetboxBrowser, GarenaPlus, Kinza, InsomniacBrowser, ViaSat Browser, Naver Whale, Falkon

Gecko browsers

Firefox, SeaMonkey, Waterfox, K-Meleon, Thunderbird, CLIQZ, IceDragon, Cyberfox, BlackHawk, Pale Moon, IceCat, Basilisk, BitTube, SlimBrowser

Crypto extensions

Metamask, Metamask (Edge), Metamask (Opera), BinanceChain, Bitapp, Coin98, Safe Pal, Safe Pal (Edge), DAppPlay, Guarda, Equal, Guild, Casper, Casper (Edge), ICONex, Math, Math (Edge), Mobox, Phantom, TronLink, XinPay, Ton, Sollet, Slope, DuinoCoin, Starcoin, Hiro Wallet, MetaWallet, Swash, Finnie, Keplr, Crocobit, Oxygen, Nifty, Liquality, Ronin, Ronin (Edge), Oasis, Temple, Pontem, Solflare, Yoroi, iWallet, Wombat, Coinbase, MewCx, Jaxx Liberty (Web), OneKey, Hycon Lite Client, SubWallet (Polkadot), Goby, TezBox, ONTO Wallet, Hashpack, Cyano, Martian Wallet, Sender Wallet, Zecrey, Auro, Terra Station, KardiaChain, Rabby, NeoLine, Nabox, XDeFi, KHC, CLW, Polymesh, ZilPay, Byone, Eternl, Guarda (Web), Nami, Maiar DeFi Wallet, Leaf Wallet, Brave Wallet, Opera Wallet, CardWallet, Flint, Exodus (Web), TrustWallet, CryptoAirdrop

Desktop wallets

Coinomi, Dash, Litecoin, Bitcoin, Dogecoin, Qtum, Armory, Bytecoin, MultiBit, Jaxx Liberty, Exodus, Ethereum, Electrum, Electrum-LTC, Atomic Wallet, Guarda, WalletWasabi, ElectronCash, Sparrow, IOCoin, PPCoin, BBQCoin, Mincoin, DevCoin, YACoin, Franko, FreiCoin, InfiniteCoin, GoldCoinGLD, Binance, Terracoin, Daedalus Mainnet, MyMonero, MyCrypto, AtomicDEX, Bisq, Defichain-Electrum, TokenPocket (Browser), Zap

Password managers

Authenticator, Authenticator (Edge), Trezor Password Manager, GAuth Authenticator, EOS Authenticator, 1Password, 1Password (Edge), KeePassXC (Web), KeePassXC (Web Edge), Dashlane, Dashlane (Edge), Bitwarden, Bitwarden (Edge), NordPass, Keeper, RoboForm (Web), RoboForm (Web Edge), LastPass, LastPass (Edge), BrowserPass, MYKI, MYKI (Edge), Splikity, CommonKey, SAASPASS, Zoho Vault, Authy (Web)

Discord clients

Discord, DiscordCanary, DiscordPTB, Lightcord, DiscordDevelopment

Telegram clients

Kotatogram, Telegram desktop

Panel functionality:

Login page - Secure login page to the panel, using multiple encryption algorithms;

LogList - list of logs with general information on each log;

Builder - convenient and flexibly customizable builder;

Telegram bot customization for tapping;

Customize the font in the dashboard;

Dashboard - handy information page with weekly stats taken into account;

File pumper - increase the size of any file right in your web panel;

Compress build - compress a build with upx right in your web panel;

Google recovery - recover cookies from google account directly in your web panel;

PRICE: 2000$

PreviousQUARK STEALER NextMacOS Stealer

Last updated 1 year ago

📖 Basic description

The software collects personal and general device data for authorisation purposes. It features a practical web panel with a minimalistic design and a clear log structure. The build is written in C++ and has a weight of 600 Kb. Linking is static, and DLLs are not pulled from the server. The server-side log decoding is also included. The communication with the C2 server is established through a proprietary protocol that operates on top of TCP. The data collection includes 100 browsers and 100 crypto-wallets, which encompass both cryptocurrency and desktop wallets stored on the device. Additionally, Steam files are collected, along with 2 Telegram clients (tdata folders) and 5 Discord clients. The Discord token is decrypted and saved. There are 27 different password managers available. The logs are encrypted and stored on your servers. To use them, you will need to purchase a VDS.

Stealer collection functionality:

Data from 106 browsers;
Data from 107 cryptocurrency wallets;
Any FileGrabber extensions;
Environment variables;
Installed software;
Windows Credential Manager and Windows Vault;
Browser history of the infected device;
Infected device's browser bookmarks;
Browser autocomplete fields;
Data from 2 Telegram clients;
Steam folder;
Discord tokens;
Data from 27 password managers;
OpenVpn configurations;
Outlook;
Loader;
Google tokens;

Chromium browsers

Gecko browsers

Firefox, SeaMonkey, Waterfox, K-Meleon, Thunderbird, CLIQZ, IceDragon, Cyberfox, BlackHawk, Pale Moon, IceCat, Basilisk, BitTube, SlimBrowser

Crypto extensions

Desktop wallets

Password managers

Discord clients

Discord, DiscordCanary, DiscordPTB, Lightcord, DiscordDevelopment

Telegram clients

Kotatogram, Telegram desktop

Panel functionality:

Login page - Secure login page to the panel, using multiple encryption algorithms;

LogList - list of logs with general information on each log;

Builder - convenient and flexibly customizable builder;

Telegram bot customization for tapping;

Customize the font in the dashboard;

Dashboard - handy information page with weekly stats taken into account;

File pumper - increase the size of any file right in your web panel;

Compress build - compress a build with upx right in your web panel;

Google recovery - recover cookies from google account directly in your web panel;