- ==Zorenium v2 Beta (2014 - Est. release date January 4th)==
- {{{{{{{{{{{{{{{{{{{{{{{{{{ ---- APPLY FOR BETA TESTING VIA THE CONTACT INFORMATION ---- }}}}}}}}}}}}}}}}}}}}}}}}}}
- :::SOURCE DIR IMAGE (http://i.imgur.com/KBn0ECM.png) - Picture taken on November 15th::
- Compiled with Microsoft Visual Studio 2010 using the Microsoft compiler, cl.exe.
- Zorenium is written in C++, C++0x & C
- Development for Zorenium started on December the 4th 2012, Day and night
- `I` Alone worked hard to make sure the list of functioning features & stability was 100%
- Everything you're reading, And will no doubt go on to testing,
- Works very effectively and efficiently..
- ---------*
- Zorenium is a simple & stable Banking, DDoS & Worm spreading malware bot with abilities to
- Hook and terminate the popular AVs and top 10 latest malware & worms,
- Zorenium is built with pre-generated 256 bit AES keys with Separate keys for the ssh features
- Strings are hashed with a custom string hasher then encrypted using stenography.
- The bot Can be managed with the following protocols: IRC , HTTP & i2p.
- AntiAv:
- Zorenium uses multiple methods of removal and can now shut down and restart over 40 different
- AntiVirus / Smart security & Firewall systems.
- Persistence:
- All bot resources (Process, Files & Start up) Are protected from termination or removal.
- With over 5 different kinds of protection modules.
- Automatic restart is enabled & Protection on this feature is also enforced.
- Inject:
- Zorenium uses 5 types of injection methods,
- For security reasons, I Can not display the method of injection.
- DDOS:
- 5 Different methods using randomized headers in HTTP DoS,
- UDP, Mass Reconnect, HTTPGet, Slowloris & ACK
- FormGrabbing:
- When defined sites are picked out Zorenium will save only needed forms before they are sent out.
- Data will then be displayed via the Chosen C&C feature.
- FormGrabber grabs from the following browsers::
- ---Firefox(W/Without SSL)
- ---Iexplorer(W/Without SSL)
- ---Chrome(W/Without SSL)
- Bot Killer.
- Zorenium's kill methods will remove the top ten 2013 list of malwares & Soon to protect against
- All major malware you have come across.
- The BKiller scans processes on start up and on registry start up for suspicious entries
- All code injected other than the bot and installed AV (Including crypted files using PE Methods) Will be terminated.
- Banking:
- At the moment Zorenium as of (December the 18th) Only uses bank stealing modules against
- BSS Banking But towards 2014 we promise to deliver at least 10 Different banking modules & 2 Different methods of Stealing that important information.
- --Contact--
- Project: Zorenium
- Contact Info: E-MAIL Or Jabber Available Upon Request!!!
- OR IRC For help/Questions: irc.voidptr.cz:6667 (+6697 SSL) Channel Name: #Z
- -------------------------------------------
- =+Recent updates+= December 18th(2013);
- **Added support for ipv6
- **Added Another method for UACBypassing, we now support windows 8 all versions.
- **Added HTTPGet & Slowloris.
- **Added AntiDebug Module & OSDetect Features for injection method(3).
- **Added unique UserID Storing & Retrieving methods for HTTP & p2p Control.
- **Modified EnumWindows Function to be its own module,
- ----We can now log what the user is running and virtually read what the user reads & sees,
- ------Screenshots can also be taken via this method.
- **Modified the bitCoin Miner to use less CPU usage.
- =+November 20+ 2013 Updates+=
- **Added DDoS and Spread capability
- **Added BTC miner
- **Added Mailworm with spoofed header
- **Added Facebook API worm,
- **Added Skype worm
- **Added Dreambox/Cisco Router Scanner (each ip vuln will be put into the sql database,
- where then you can control your ip lists via your designated C&C Protocol)
- **Added hidden banking service application & Dropper for BSS Offline (mysql(Hooked))
- **Added SelfINitFunction
- (if operating system higher than windows 7 Zorenium.exe
- will drop a dll bypassing UAC and AV, After doing so,
- Bot will Inject the coreDll into defined process,
- After Writing/Memory mapping itself to available processes(<- For the anti(system) Module))
- **Added New (Eset SmartSecurity & Eset AntiVirus AntiModules)
- **Added AntiBot Module (Searches mapped processes & Memory for malware)
- **Added botkiller module for top 10 listed malware, Such names as (BetaBot,Zeus and kavos)
- **Added Registry monitoring (For the rootkit)
- **Added RootKit Install/Extract & Start
- **Added Userkit Install & Starter
- **Added Created New injection system for the UserKit
- **Added Base64 / Sha256 & RC4/6 Encryption.
- **Fixes to HTTP System ** Was a bug on the HookConnectEx() Function when os restarted and loaded the bot by dll.
- **Fixes to the Nix scanner ** Bug when defining more than 30 Threads with os 7
- **Fixes to the antiSystem ** Bot would still load certain functions when being ran via sandboxed,
- ** Bot will now stdout a fake microsoft windows update notifier BIN(Service,Program Before self deleting the bots core bins)
- **Fixes to the BSSGrabber
- *Data for the banking service application will now be sent over a secure p2p network
- *Bear in mind!! No data apart from the banking & BTC Data are sent between the bot and p2p network.
- The Binary file for this module will attempt to use the CoreAntiAV System to inject its way into
- Running av/firewalls adding itself to exception lists,
- Bin With i2p for command & control = Extra 100GBP
- Bin With tor & p2p For command & control = Extra 5000GBP
- Zorenium(Bin) Price: With rootkit, Miner & Banking modules 2000GBP
- Without The rootkit, Miner & Banking modules: 350GBP
- _________Please note increase/decrease in price plans may vary.
- ---------BitCoins are accepted!!!!!----------------------------
- **************NOTE***************
- IRC MODULES ARE NOT A REQUIREMENT, AND CAN BE DROPPED ON REQUEST, SAME GOES FOR THE OTHER PROTOCOLS.
- =======================V2 Files
- DNSQuery.cpp
- ZoreniumMain.cpp
- ZeusKill.cpp
- ws2Hook.cpp
- WinCrypt.cpp
- Utils2.cpp
- utils.cpp
- Utilities.cpp
- UserkitInstaller.cpp
- Unhook.cpp
- uHookKernel.cpp
- UACBypass.cpp
- Threadsystem.cpp
- ThreadKill.cpp
- TaskManager.cpp
- Sysinfo.cpp
- SHA256.cpp
- Service.cpp
- Screenshot.cpp
- RootkitInstaller.cpp
- RootKitExtract.cpp
- Registry.cpp
- PrinterExploit.cpp
- PortForward.cpp
- NOD32.cpp
- Nixscanner.cpp
- Mysql.cpp
- MemoryMap.cpp
- irc.cpp
- IPV6Tools.cpp
- CoreInject.cpp
- Inject4.cpp
- Inject3.cpp
- Inject2.cpp
- HTTPC.cpp
- Hooker.cpp
- SectionConfigData.cpp
- ring0ToRing3.cpp
- BMPConvertor.cpp
- Compiling...
- GChrome.cpp
- fWuaclt.cpp
- fMicrosoftBuff.cpp
- fChr.cpp
- fApiLoad.cpp
- fService.cpp
- FormGrabber.cpp
- fMySQL.cpp
- IRCDaemon.cpp
- Fakefile.cpp
- EnumWindows.cpp
- DRWeb.cpp
- DriverUtilitys.cpp
- Dreambox.cpp
- DNSChanger.cpp
- dllloader.cpp
- dInject.cpp
- Debugger.cpp
- Controljack.cpp
- Config.cpp
- Chrome.cpp
- BSSOffline.cpp
- BSSG.cpp
- BotSearch.cpp
- bootcrypt.cpp
- BootApi.cpp
- BKiller.cpp
- BitCoinMiner.cpp
- Base64.cpp
- APIMonitor.cpp
- ApiGrabber.cpp
- AntiDebug.cpp
- AntiAv.cpp
- ========================================================