API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 15th, 2018
342
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.46 KB | None | 0 0
raw download clone embed print report
  1. (12:01:20 AM) vbotz@thesecure.biz: Hello
  2. (12:01:56 AM) winY: Hi, I'm winY from HF
  3. (12:02:01 AM) winY: I was asking for Israel loads
  4. (12:02:11 AM) vbotz@thesecure.biz: Okay cool how many
  5. (12:02:50 AM) winY: Minimum is 200 ?
  6. (12:03:17 AM) vbotz@thesecure.biz: Correct
  7. (12:03:41 AM) winY: and may I ask what is the difference between 0.50$ and 0.25$ load ?
  8. (12:03:57 AM) vbotz@thesecure.biz: how rich the country is
  9. (12:04:22 AM) winY: I understand, so what is the price of Israel loads ?
  10. (12:04:31 AM) vbotz@thesecure.biz: 0.50
  11. (12:04:36 AM) winY: Ok
  12. (12:04:48 AM) winY: Let me make sure my .exe is good and I will start
  13. (12:05:01 AM) vbotz@thesecure.biz: Alright
  14. (12:27:58 AM) vbotz@thesecure.biz: you ready
  15. (12:29:42 AM) winY: Nop, I have a small issue with my cryper, when I run it I can message "This publisher is not verified, are you sure you want to run this file" something like that
  16. (12:29:46 AM) winY: I'm trying to fix it
  17. (12:31:02 AM) vbotz@thesecure.biz: dont worry about it
  18. (12:31:05 AM) vbotz@thesecure.biz: its binded to legit software
  19. (12:31:40 AM) winY: Nop, should I bind it to a software you think?
  20. (12:31:49 AM) vbotz@thesecure.biz: No
  21. (12:31:51 AM) vbotz@thesecure.biz: i bind it
  22. (12:31:54 AM) vbotz@thesecure.biz: my method is special
  23. (12:32:02 AM) vbotz@thesecure.biz: they download and run legit software with your malware
  24. (12:32:05 AM) vbotz@thesecure.biz: so dont worry about it
  25. (12:33:01 AM) winY: so I just need to crypt?
  26. (12:33:38 AM) vbotz@thesecure.biz: Yes
  27. (12:34:09 AM) winY: ok, i send you file here?
  28. (12:34:15 AM) vbotz@thesecure.biz: Yes
  29. (12:34:29 AM) winY: ok give me bitcoin address please
  30. (12:34:32 AM) vbotz@thesecure.biz: 1HJaUQjstqJaKrnBEBXDQ6Lvid7PVjyDVX
  31. (12:37:12 AM) winY: sent
  32. (12:37:39 AM) vbotz@thesecure.biz: reeceived
  33. (12:38:06 AM) Offering to send xenlauncher.exe to vbotz@thesecure.biz
  34. (12:38:10 AM) vbotz@thesecure.biz cancelled the transfer of xenlauncher.exe
  35. (12:38:17 AM) vbotz@thesecure.biz: send as zip my friend
  36. (12:38:25 AM) Offering to send xenlauncher.zip to vbotz@thesecure.biz
  37. (12:39:24 AM) winY: May I ask for a tip on how I can make sur emy bots stay alive? should I keep the file FUD and just re-execute ?
  38. (12:39:46 AM) vbotz@thesecure.biz: Yes
  39. (12:39:50 AM) vbotz@thesecure.biz: this is the only way
  40. (12:40:09 AM) winY: Ok, and should I realllly bind it to program? I mean, the victim will see a program he don't know no?
  41. (12:40:15 AM) winY: if I don't bind he just dont see anything ?
  42. (12:40:26 AM) vbotz@thesecure.biz: i bind it
  43. (12:40:28 AM) vbotz@thesecure.biz: you dont bind it
  44. (12:40:31 AM) vbotz@thesecure.biz: you just give me file
  45. (12:40:39 AM) vbotz@thesecure.biz: when you have bots on botnet
  46. (12:40:46 AM) vbotz@thesecure.biz: botnet will execute your file silently
  47. (12:40:54 AM) vbotz@thesecure.biz: through either svchost or mscorlib
  48. (12:41:01 AM) winY: I understand
  49. (12:42:31 AM) Transfer of file xenlauncher.zip complete
  50. (12:46:16 AM) vbotz@thesecure.biz: give me few
  51. (12:46:44 AM) winY: ok
  52. (12:56:12 AM) winY: You here?
  53. (1:02:51 AM) winY: ???
  54. (1:06:52 AM) winY: Hello??
  55. (1:07:46 AM) vbotz@thesecure.biz: yES
  56. (1:07:48 AM) vbotz@thesecure.biz: IM READY
  57. (1:07:50 AM) vbotz@thesecure.biz: STARTED
  58. (1:07:54 AM) vbotz@thesecure.biz: you here
  59. (1:08:01 AM) vbotz@thesecure.biz: i just had to setup the server man
  60. (1:08:07 AM) vbotz@thesecure.biz: ;-)
  61. (1:08:11 AM) winY: ok
  62. (1:08:28 AM) vbotz@thesecure.biz: had to wait for BTC confirms and then install framework
  63. (1:08:31 AM) vbotz@thesecure.biz: but im ready now
  64. (1:08:34 AM) vbotz@thesecure.biz: sorry for wait
  65. (1:08:37 AM) winY: Alright
  66. (1:10:28 AM) winY: Should I see the bots coming now?
  67. (1:12:05 AM) vbotz@thesecure.biz: 5 mins
  68. (1:17:50 AM) vbotz@thesecure.biz: torrent is up
  69. (1:18:08 AM) winY: Ok, ill let you know when i start see them coming
  70. (1:22:40 AM) winY: How long should it take? Because so far I don't see anything..
  71. (1:24:51 AM) vbotz@thesecure.biz: well
  72. (1:25:20 AM) vbotz@thesecure.biz: 1:25 AM Sunday, July 15, 2018 (GMT+3)
  73. (1:25:31 AM) vbotz@thesecure.biz: really depends on how many isreali people is online
  74. (1:25:51 AM) winY: hmm
  75. (1:25:55 AM) winY: so far 0 bots :P
  76. (1:26:03 AM) vbotz@thesecure.biz: Yes
  77. (1:26:06 AM) vbotz@thesecure.biz: but its not super fast
  78. (1:26:10 AM) vbotz@thesecure.biz: cause they are sleeping
  79. (1:26:17 AM) vbotz@thesecure.biz: when they wake up will be much faster
  80. (1:26:22 AM) vbotz@thesecure.biz: you have to be patient brother
  81. (1:26:42 AM) winY: Ok
  82. (1:32:19 AM) winY: Sleeping you man computers are off?
  83. (1:32:22 AM) winY: mean*
  84. (1:38:59 AM) vbotz@thesecure.biz: well
  85. (1:39:01 AM) vbotz@thesecure.biz: i mean
  86. (1:39:06 AM) vbotz@thesecure.biz: isreal is sleeping
  87. (1:39:21 AM) vbotz@thesecure.biz: so not a lot of people to download
  88. (1:39:51 AM) winY: But the bots are not online all the time if the computer is open?
  89. (1:40:02 AM) vbotz@thesecure.biz: you misunderstand
  90. (1:40:05 AM) vbotz@thesecure.biz: im talking about now
  91. (1:40:10 AM) vbotz@thesecure.biz: since its slow receiving
  92. (1:40:27 AM) vbotz@thesecure.biz: no bots will never be online 24/7
  93. (1:40:30 AM) vbotz@thesecure.biz: it is real computiers
  94. (1:40:32 AM) vbotz@thesecure.biz: computers
  95. (1:40:41 AM) winY: I know, but now you don't have online bots from israel?
  96. (1:40:50 AM) winY: all offline? :X
  97. (1:40:50 AM) vbotz@thesecure.biz: its loads
  98. (1:40:53 AM) vbotz@thesecure.biz: so its not up to me
  99. (1:40:56 AM) winY: ahh
  100. (1:41:03 AM) winY: I think I start to understand
  101. (1:41:05 AM) vbotz@thesecure.biz: I dont have the bots my bro
  102. (1:41:10 AM) vbotz@thesecure.biz: They will only be yours
  103. (1:41:10 AM) winY: it's like an exploit kit ?
  104. (1:41:13 AM) vbotz@thesecure.biz: Well
  105. (1:41:16 AM) vbotz@thesecure.biz: better than exploit kit
  106. (1:41:27 AM) vbotz@thesecure.biz: since you will get all victims with all browsers
  107. (1:41:35 AM) vbotz@thesecure.biz: and 8.1 / 10 systems
  108. (1:41:42 AM) winY: Hmmm okey, that's nice
  109. (1:41:50 AM) winY: Ok I will keep waiting :)
  110. (7:44:01 AM) winY: Hello, Still 0 bots..
  111. (8:04:57 AM) winY: Ok my friend I will give you more few hours before I post on HF :/
  112. (11:40:15 AM) Attempting to start a private conversation with vbotz@thesecure.biz...
  113. (11:40:16 AM) vbotz@thesecure.biz has not been authenticated yet. You should authenticate this buddy.
  114. [Image] (11:40:16 AM) Unverified conversation with vbotz@thesecure.biz/156235193499334642662866018 started. Your client is not logging this conversation.
  115. (11:41:21 AM) winY: Hello?
  116. (2:06:05 PM) winY: .....
  117. (6:07:15 PM) vbotz@thesecure.biz: hello
  118. (6:08:25 PM) winY: hello
  119. (6:08:31 PM) winY: It's been 16 hours my friend
  120. (6:08:32 PM) winY: 0 bots
  121. (6:08:38 PM) vbotz@thesecure.biz: Can you count
  122. (6:08:45 PM) vbotz@thesecure.biz: its not been 16 hours
  123. (6:08:58 PM) vbotz@thesecure.biz: let me check your order
  124. (6:09:01 PM) winY: Okey, 14? :)
  125. (6:10:49 PM) vbotz@thesecure.biz: probably
  126. (6:10:53 PM) vbotz@thesecure.biz: sounds more realistic
  127. (6:11:00 PM) vbotz@thesecure.biz: I was at party yesterday
  128. (6:11:29 PM) winY: It's ok my friend, Can we get me some bots now? :D
  129. (6:11:46 PM) vbotz@thesecure.biz: 1 sec
  130. (6:11:54 PM) vbotz@thesecure.biz: checking it, everything was working
  131. (6:14:14 PM) winY: https://i.imgur.com/DQINoDv.png
  132. (6:14:23 PM) winY: 3 bots are mine, so 0 from you :(
  133. (6:16:17 PM) vbotz@thesecure.biz: 205 bots executed
  134. (6:16:20 PM) vbotz@thesecure.biz: i have ips
  135. (6:17:22 PM) winY: Hmm, so how come I have 0 ?
  136. (6:17:30 PM) winY: can you execute them again? the same bots?
  137. (6:17:47 PM) winY: I can give you login to my panel if you want
  138. (6:19:36 PM) vbotz@thesecure.biz: Please create a join.me
  139. (6:20:23 PM) winY: sec
  140. (6:26:12 PM) winY: I create room?
  141. (6:26:19 PM) winY: or give you y username ?
  142. (6:26:21 PM) winY: my*
  143. (6:28:31 PM) vbotz@thesecure.biz: send me link
  144. (6:35:00 PM) winY: try this join.me/winyxo199
  145. (6:36:53 PM) winY: you join ?
  146. (6:37:11 PM) vbotz@thesecure.biz: im trying
  147. (6:37:14 PM) vbotz@thesecure.biz: taking some time to load
  148. (6:37:17 PM) vbotz@thesecure.biz: will try different browser
  149. (6:37:20 PM) winY: ok
  150. (6:38:12 PM) vbotz@thesecure.biz: start screenshare
  151. (6:38:35 PM) winY: you see?
  152. (6:38:38 PM) vbotz@thesecure.biz: yes
  153. (6:38:43 PM) winY: ok loook in my panel
  154. (6:39:22 PM) winY: nothng come..
  155. (6:40:17 PM) winY: ?
  156. (6:40:42 PM) vbotz@thesecure.biz: http://198.50.152.162/stdx/malwr/xenluancher.rar
  157. (6:40:46 PM) vbotz@thesecure.biz: try to execute
  158. (6:40:49 PM) winY: sec
  159. (6:42:38 PM) winY: .exe is not a valid 32 application
  160. (6:42:42 PM) winY: when i run this exe..
  161. (6:42:56 PM) winY: [Window Title]
  162. C:\Users\test\Desktop\xenlauncher.exe
  163.  
  164. [Content]
  165. C:\Users\test\Desktop\xenlauncher.exe is not a valid Win32 application.
  166.  
  167.  
  168. [OK]
  169. (6:42:57 PM) vbotz@thesecure.biz: this was the rar
  170. (6:42:59 PM) vbotz@thesecure.biz: you sended
  171. (6:43:22 PM) winY: i sent you zip, it was working 100%
  172. (6:43:26 PM) winY: I tested it before ofc
  173. (6:43:28 PM) vbotz@thesecure.biz: you sent me rar
  174. (6:43:31 PM) vbotz@thesecure.biz: i have chat log
  175. (6:43:39 PM) vbotz@thesecure.biz: xenlauncher.rar
  176. (6:43:40 PM) winY: Ok but it doesnt matter to be honest..
  177. (6:43:47 PM) winY: It was working 100% :/
  178. (6:43:54 PM) winY: you think i will test it before?
  179. (6:43:59 PM) vbotz@thesecure.biz: Ofcourse
  180. (6:44:01 PM) winY: i will not*
  181. (6:44:03 PM) vbotz@thesecure.biz: but something has happend
  182. (6:44:07 PM) winY: yep
  183. (6:44:12 PM) winY: you cannot execute on the same bots?
  184. (6:44:20 PM) vbotz@thesecure.biz: I dont have access to the bots
  185. (6:44:38 PM) winY: you understand I don't even have 1 bot..
  186. (6:44:44 PM) vbotz@thesecure.biz: I understand
  187. (6:44:44 PM) winY: I mean, maybe 50, but 0..
  188. (6:45:01 PM) vbotz@thesecure.biz: but something obviously happened to your file when you packed it
  189. (6:45:13 PM) vbotz@thesecure.biz: I dont know if it was file transfer or the actually raring
  190. (6:45:28 PM) winY: Ok.. so what do we do now?
  191. (6:45:46 PM) vbotz@thesecure.biz: That is up for you to decide
  192. (6:45:57 PM) winY: What are the options lol
  193. (6:46:02 PM) winY: I paid $100 got nothing
  194. (6:46:15 PM) vbotz@thesecure.biz: options are to pay again or nothing, i dont compensate
  195. (6:46:20 PM) winY: LOL
  196. (6:46:22 PM) winY: you serious?
  197. (6:46:25 PM) vbotz@thesecure.biz: yes
  198. (6:46:28 PM) vbotz@thesecure.biz: not my problem
  199. (6:46:34 PM) vbotz@thesecure.biz: when you file not working
  200. (6:48:03 PM) winY: The file worked 100% I'm not a script kiddie who won't test it
  201. (6:48:14 PM) vbotz@thesecure.biz: I cant know that
  202. (6:48:17 PM) vbotz@thesecure.biz: i just got the rar file
  203. (6:48:21 PM) vbotz@thesecure.biz: extracted it
  204. (6:48:27 PM) vbotz@thesecure.biz: and ran it on bots
  205. (6:48:33 PM) winY: I sent you .exe first and then you told me to zip/rar it
  206. (6:48:39 PM) vbotz@thesecure.biz: Yes
  207. (6:48:43 PM) vbotz@thesecure.biz: Cause i had to bind it
  208. (6:48:51 PM) vbotz@thesecure.biz: But the exe didnt worked so lol
  209. (6:48:55 PM) vbotz@thesecure.biz: how you expected to get bots
  210. (6:48:58 PM) winY: So maybe the bind corrupted it?
  211. (6:49:01 PM) vbotz@thesecure.biz: no
  212. (6:49:08 PM) vbotz@thesecure.biz: cause the file in the rar was corrupted
  213. (6:49:09 PM) vbotz@thesecure.biz: lmfao
  214. (6:49:27 PM) winY: Right.. Okey what ever, I will just post that chat on HF and let the customers decide
  215. (6:49:29 PM) winY: thank you for nothing
  216. (6:49:35 PM) vbotz@thesecure.biz: Yes
  217. (6:49:41 PM) vbotz@thesecure.biz: absolutely, post this
  218. (6:49:46 PM) vbotz@thesecure.biz: I also reply with the video
  219. (6:50:05 PM) winY: np
  220. (6:50:12 PM) vbotz@thesecure.biz: remember to post the entire chat
  221. (6:50:20 PM) vbotz@thesecure.biz: where you also admitted your file not working
  222. (6:50:25 PM) vbotz@thesecure.biz: or ill do it
  223. (6:50:28 PM) vbotz@thesecure.biz: thanks
  224. (6:50:52 PM) vbotz@thesecure.biz: remember to hide IP
  225. (6:50:56 PM) vbotz@thesecure.biz: or you will be closed
  226. (6:50:59 PM) vbotz@thesecure.biz: by administrators
  227. (6:51:02 PM) winY: lol xD
  228. (6:51:15 PM) winY: So much bullshit in 1 person
  229. (6:51:21 PM) vbotz@thesecure.biz: Want me to link rules
  230. (6:51:35 PM) vbotz@thesecure.biz: Ill contact staff immediately
  231. (6:51:36 PM) winY: Dude, I paid $100 got nothing. that's all
  232. (6:51:43 PM) vbotz@thesecure.biz: not my problem
  233. (6:51:49 PM) vbotz@thesecure.biz: no reason to be a bitch over your own mistake
  234. (6:51:51 PM) vbotz@thesecure.biz: what i dont get is why
  235. (6:51:56 PM) vbotz@thesecure.biz: not just give me link
  236. (6:52:01 PM) winY: My mistake????? The file was working! Do I need to say it again?
  237.  
  238. (6:52:01 PM) vbotz@thesecure.biz: in rar/zip on your own webserver
  239. (6:52:05 PM) winY: when I sent you the file it was working
  240. (6:52:08 PM) vbotz@thesecure.biz: Proof
  241. (6:52:10 PM) vbotz@thesecure.biz: it was working
  242. (6:52:12 PM) winY: I have no clue what you do with it after
  243. (6:52:16 PM) vbotz@thesecure.biz: or no compensation
  244. (6:52:21 PM) winY: wow, that's how you scam people?
  245. (6:52:23 PM) vbotz@thesecure.biz: i dont know if you tested it or it worked
  246. (6:52:30 PM) vbotz@thesecure.biz: the file is exactly the same
  247. (6:52:32 PM) vbotz@thesecure.biz: you dumb fuck
  248. (6:52:36 PM) winY: never mind, hf with your $100.
  249. (6:53:16 PM) vbotz@thesecure.biz: how hard is it to check the checksum
  250. (6:53:17 PM) vbotz@thesecure.biz: broski
  251. (6:53:22 PM) vbotz@thesecure.biz: just make new join.me
  252. (6:53:51 PM) vbotz@thesecure.biz: Ill just own you even more
  253. (6:54:11 PM) winY: The file you sent me has no icon as well, I sent you one with icon and assembly, after crypt
  254. (6:54:18 PM) winY: So :)
  255. (6:55:03 PM) winY: (12:42:31 AM) Transfer of file xenlauncher.zip complete
  256. (6:55:05 PM) winY: hahhhahaahhahahahaha
  257. (6:55:12 PM) winY: Busted
  258. (6:55:28 PM) winY: good luck with your sales on HF
  259. (6:56:56 PM) vbotz@thesecure.biz: good job editting
  260. (6:57:38 PM) vbotz@thesecure.biz: :-D
  261. (6:57:43 PM) vbotz@thesecure.biz: check files
  262. (6:57:46 PM) vbotz@thesecure.biz: exactly same checksum
  263. (6:57:48 PM) vbotz@thesecure.biz: send me the file
  264. (6:57:52 PM) vbotz@thesecure.biz: that you sended me baby
  265. (6:58:05 PM) winY: editing? really? I will edit for $100 ?
  266. I just scroll up on jabber logs
  267. (6:58:10 PM) winY: oh man, how old are you 5?
  268. (6:58:14 PM) vbotz@thesecure.biz: Send me your file
  269. (6:58:17 PM) winY: nvm I will just post on HF and I really don't care
  270. (6:58:18 PM) vbotz@thesecure.biz: let me check the checksum
  271. (6:58:22 PM) vbotz@thesecure.biz: and we will see babt
  272. (6:58:25 PM) vbotz@thesecure.biz: baby
  273. (6:58:37 PM) winY: I sent you the file yesterday already
  274. (6:58:48 PM) vbotz@thesecure.biz: send your file now
  275. (6:59:15 PM) winY: Please don't waste me time more kid
  276. (6:59:19 PM) vbotz@thesecure.biz: Do it
  277. (6:59:21 PM) winY: my*
  278. (6:59:21 PM) vbotz@thesecure.biz: or you scared
  279. (6:59:25 PM) vbotz@thesecure.biz: that i actually can proof
  280. (6:59:36 PM) vbotz@thesecure.biz: Its the exact same file
  281. (6:59:51 PM) winY: So why you sent it in .rar this time? why it has no assembly?
  282. (6:59:54 PM) winY: no icon?
  283. (7:00:09 PM) winY: Just forget it ok? Enjoy with your $100
  284. (7:00:14 PM) winY: I will make that money back in no time anyways
  285. (7:00:36 PM) vbotz@thesecure.biz: no
  286. (7:00:40 PM) vbotz@thesecure.biz: i just want to proof its not my mistake
  287. (7:00:47 PM) vbotz@thesecure.biz: and if it is, ofcourse i send you bots again
  288. (7:00:54 PM) vbotz@thesecure.biz: but right now, i have 100 proof your file is corrupted
  289. (7:03:12 PM) vbotz@thesecure.biz: its funny like you think your my own customer
  290. (7:03:13 PM) vbotz@thesecure.biz: lmfao
  291. (7:03:17 PM) vbotz@thesecure.biz: i sell geotargeted daily
  292. (7:03:21 PM) vbotz@thesecure.biz: otherwise people use my website
  293. (7:03:25 PM) vbotz@thesecure.biz: so dont give me bullshit
  294. (7:03:29 PM) vbotz@thesecure.biz: send file or fuck off
  295. (7:03:32 PM) vbotz@thesecure.biz: i will proof
  296. (7:03:37 PM) vbotz@thesecure.biz: you fucked up
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!