API tools faq
paste
James_inthe_box

UnknownKeylogger3

James_inthe_box
Jan 6th, 2020
14,095
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.70 KB | None | 0 0
raw download clone embed print report
  1. BSJB
  2. v4.0.30319
  3. #Strings
  4. #GUID
  5. #Blob
  6. R V f k
  7. Microsoft.VisualBasic
  8. ApplicationBase
  9. Microsoft.VisualBasic.ApplicationServices
  10. Computer
  11. Microsoft.VisualBasic.Devices
  12. mscorlib
  13. Object
  14. System
  15. User
  16. Type
  17. System.Windows.Forms
  18. Timer
  19. Process
  20. System.Diagnostics
  21. EventArgs
  22. Keys
  23. List`1
  24. System.Collections.Generic
  25. Enum
  26. ValueType
  27. MulticastDelegate
  28. IAsyncResult
  29. AsyncCallback
  30. StringBuilder
  31. System.Text
  32. EditorBrowsableAttribute
  33. System.ComponentModel
  34. EditorBrowsableState
  35. GeneratedCodeAttribute
  36. System.CodeDom.Compiler
  37. DebuggerHiddenAttribute
  38. StandardModuleAttribute
  39. Microsoft.VisualBasic.CompilerServices
  40. HideModuleNameAttribute
  41. HelpKeywordAttribute
  42. System.ComponentModel.Design
  43. RuntimeHelpers
  44. System.Runtime.CompilerServices
  45. RuntimeTypeHandle
  46. Activator
  47. MyGroupCollectionAttribute
  48. ComVisibleAttribute
  49. System.Runtime.InteropServices
  50. ThreadStaticAttribute
  51. CompilerGeneratedAttribute
  52. Operators
  53. ServerComputer
  54. Conversions
  55. FileSystemProxy
  56. Microsoft.VisualBasic.MyServices
  57. SpecialDirectoriesProxy
  58. Path
  59. System.IO
  60. Random
  61. Int32
  62. String
  63. Strings
  64. CompareMethod
  65. Math
  66. EventHandler
  67. ComputerInfo
  68. Double
  69. WebClient
  70. System.Net
  71. Stream
  72. IWebProxy
  73. StreamReader
  74. Exception
  75. WebHeaderCollection
  76. WebRequest
  77. CredentialCache
  78. NetworkCredential
  79. ICredentials
  80. ProjectData
  81. ClipboardProxy
  82. FtpWebRequest
  83. StreamWriter
  84. Attachment
  85. System.Net.Mail
  86. MailMessage
  87. SmtpClient
  88. TextWriter
  89. Encoding
  90. NewLateBinding
  91. File
  92. IDisposable
  93. MailAddress
  94. MailAddressCollection
  95. Environment
  96. AttachmentCollection
  97. Collection`1
  98. System.Collections.ObjectModel
  99. ICredentialsByHost
  100. Directory
  101. System.Drawing
  102. Graphics
  103. Bitmap
  104. Size
  105. Rectangle
  106. Point
  107. Screen
  108. Image
  109. DirectoryInfo
  110. DateTime
  111. Int64
  112. NameValueCollection
  113. System.Collections.Specialized
  114. MemoryStream
  115. GZipStream
  116. System.IO.Compression
  117. CompressionMode
  118. Byte
  119. Boolean
  120. Assembly
  121. System.Reflection
  122. Application
  123. RegistryKey
  124. Microsoft.Win32
  125. Registry
  126. RegistryValueKind
  127. Interaction
  128. MsgBoxResult
  129. MsgBoxStyle
  130. WebResponse
  131. Keyboard
  132. AccessedThroughPropertyAttribute
  133. STAThreadAttribute
  134. MarshalAsAttribute
  135. UnmanagedType
  136. InAttribute
  137. Delegate
  138. Module
  139. Marshal
  140. IntPtr
  141. SpecialFolder
  142. HttpWebRequest
  143. HttpWebResponse
  144. Enumerator
  145. UTF8Encoding
  146. Convert
  147. IEnumerable`1
  148. Buffer
  149. Array
  150. System.Security
  151. ProtectedData
  152. System.Security.Cryptography
  153. DataProtectionScope
  154. FileStream
  155. FileMode
  156. Char
  157. System.Xml
  158. XmlDocument
  159. XmlNodeList
  160. XmlNode
  161. XmlElement
  162. IEnumerator
  163. System.Collections
  164. IEnumerable
  165. GCHandle
  166. GCHandleType
  167. ICryptoTransform
  168. MD5CryptoServiceProvider
  169. TripleDESCryptoServiceProvider
  170. HashAlgorithm
  171. SymmetricAlgorithm
  172. CipherMode
  173. PaddingMode
  174. TripleDES
  175. DllImportAttribute
  176. FlagsAttribute
  177. StructLayoutAttribute
  178. LayoutKind
  179. BitConverter
  180. Decimal
  181. Utils
  182. UInt64
  183. FileSystem
  184. OpenMode
  185. OpenAccess
  186. OpenShare
  187. System.Web.Extensions
  188. JavaScriptSerializer
  189. System.Web.Script.Serialization
  190. UnmanagedFunctionPointerAttribute
  191. CallingConvention
  192. CompilationRelaxationsAttribute
  193. RuntimeCompatibilityAttribute
  194. .ctor
  195. get_GetInstance
  196. GetObjectValue
  197. Equals
  198. GetHashCode
  199. GetTypeFromHandle
  200. ToString
  201. CreateInstance
  202. m_ThreadStaticValue
  203. ConcatenateObject
  204. get_Name
  205. GetProcesses
  206. get_FileSystem
  207. get_SpecialDirectories
  208. get_MyDocuments
  209. Combine
  210. Next
  211. Concat
  212. Split
  213. ToDouble
  214. Round
  215. Append
  216. remove_Tick
  217. add_Tick
  218. get_Info
  219. get_OSFullName
  220. get_OSVersion
  221. get_OSPlatform
  222. get_TotalPhysicalMemory
  223. Format
  224. get_Headers
  225. GetSystemWebProxy
  226. get_DefaultNetworkCredentials
  227. set_Credentials
  228. set_Proxy
  229. OpenRead
  230. SetProjectError
  231. ClearProjectError
  232. ReadToEnd
  233. Close
  234. Replace
  235. get_Clipboard
  236. GetText
  237. Contains
  238. AddObject
  239. CompareString
  240. WriteLine
  241. get_UTF8
  242. GetBytes
  243. LateGet
  244. set_Method
  245. ReadAllBytes
  246. set_ContentLength
  247. GetRequestStream
  248. Write
  249. Delete
  250. Dispose
  251. set_From
  252. get_To
  253. get_UserName
  254. set_Subject
  255. set_Body
  256. get_Attachments
  257. set_EnableSsl
  258. ToInteger
  259. set_Port
  260. Send
  261. Exists
  262. CreateProjectError
  263. set_Interval
  264. get_Screen
  265. get_Bounds
  266. get_Width
  267. get_Height
  268. FromImage
  269. CopyFromScreen
  270. Save
  271. CreateDirectory
  272. get_Now
  273. get_Ticks
  274. get_Encoding
  275. GetString
  276. UploadData
  277. Exit
  278. UploadValues
  279. LateCall
  280. ChangeType
  281. GetExecutingAssembly
  282. GetManifestResourceStream
  283. get_Length
  284. Read
  285. Start
  286. get_ProcessName
  287. LCase
  288. Kill
  289. GetProcessesByName
  290. GetCurrentProcess
  291. get_ExecutablePath
  292. Left
  293. GetTempPath
  294. get_Millisecond
  295. CurrentUser
  296. OpenSubKey
  297. SetValue
  298. MsgBox
  299. Create
  300. GetResponse
  301. InStr
  302. Substring
  303. get_Keyboard
  304. get_ShiftKeyDown
  305. get_CapsLock
  306. Remove
  307. GetModules
  308. GetHINSTANCE
  309. ToInt32
  310. Finalize
  311. GetFolderPath
  312. GetResponseStream
  313. get_Count
  314. GetEnumerator
  315. get_Current
  316. MoveNext
  317. GetSubKeyNames
  318. GetValue
  319. ToChar
  320. BlockCopy
  321. Unprotect
  322. LocalMachine
  323. LastIndexOf
  324. GetDirectories
  325. ChrW
  326. Copy
  327. SubtractObject
  328. get_Default
  329. LateSetComplex
  330. Environ
  331. Load
  332. GetElementsByTagName
  333. get_ItemOf
  334. get_InnerText
  335. StrReverse
  336. FromBase64String
  337. get_ASCII
  338. Alloc
  339. AddrOfPinnedObject
  340. Free
  341. get_Chars
  342. ToLower
  343. Initialize
  344. ComputeHash
  345. set_Mode
  346. set_Padding
  347. set_Key
  348. set_IV
  349. CreateDecryptor
  350. TransformFinalBlock
  351. get_Unicode
  352. CompareObjectEqual
  353. CompareObjectGreater
  354. OrObject
  355. ToBoolean
  356. ConditionalCompareObjectEqual
  357. ToInt64
  358. Subtract
  359. ToUInt16
  360. CopyArray
  361. Compare
  362. ToULong
  363. get_BigEndianUnicode
  364. Multiply
  365. ToUInt64
  366. ToLong
  367. CompareTo
  368. IndexOf
  369. LTrim
  370. ConditionalCompareObjectGreater
  371. FileOpen
  372. Space
  373. FileGet
  374. FileClose
  375. Zero
  376. GetFiles
  377. Deserialize
  378. GetDelegateForFunctionPointer
  379. GetEnvironmentVariable
  380. AllocHGlobal
  381. op_Inequality
  382. FreeHGlobal
  383. PRINCE 404.exe
  384. <Module>
  385. MyApplication
  386. MyComputer
  387. MyProject
  388. m_ComputerObjectProvider
  389. m_AppObjectProvider
  390. m_UserObjectProvider
  391. m_MyWebServicesObjectProvider
  392. .cctor
  393. get_Computer
  394. get_Application
  395. get_User
  396. get_WebServices
  397. WebServices
  398. MyWebServices
  399. GetType
  400. Create__Instance__
  401. instance
  402. Dispose__Instance__
  403. ThreadSafeObjectProvider`1
  404. GetInstance
  405. GClass0
  406. infooeoe
  407. _myTimer
  408. _TIIMMER
  409. _scrti
  410. _loloa
  411. _kebrd
  412. _rzzzzr
  413. string_0
  414. string_1
  415. THETHE
  416. FTPEP
  417. TELLE
  418. TOTO
  419. FOFO
  420. SUSU
  421. POPO
  422. PTPT
  423. USEUSE
  424. ESUESU
  425. URLEL
  426. TheID
  427. thetoken
  428. loccle
  429. path22
  430. path23
  431. path24
  432. PASSWORD
  433. StolsClip
  434. login_url
  435. post_url
  436. dev_key
  437. user_name
  438. user_password
  439. user_key
  440. result
  441. strin
  442. kkkkkbssssss
  443. _HKB
  444. strinjj
  445. enct
  446. input
  447. get_myTimer
  448. set_myTimer
  449. value
  450. get_TIIMMER
  451. set_TIIMMER
  452. get_scrti
  453. set_scrti
  454. get_loloa
  455. set_loloa
  456. get_kebrd
  457. set_kebrd
  458. get_rzzzzr
  459. set_rzzzzr
  460. smethod_0
  461. smethod_1
  462. smethod_2
  463. smethod_3
  464. smethod_4
  465. smethod_5
  466. sender
  467. oewepe
  468. kkkAss
  469. SCRIN
  470. UploadMultipart
  471. file
  472. filename
  473. contentType
  474. Login
  475. Post
  476. paste_code
  477. paste_name
  478. paste_format
  479. DecompressGZip
  480. bytesToDecompress
  481. LQXYGZYYRI
  482. KJKWCCYACS
  483. Main
  484. smethod_6
  485. killle
  486. smethod_7
  487. smethod_8
  488. GetModuleFileNameA
  489. kernel32
  490. hModule
  491. lpFileName
  492. nSize
  493. ExitProcess
  494. uExitCode
  495. MoveFileExW
  496. lpExistingFileName
  497. lpNewFileName
  498. dwdvsdfdbdtyd
  499. smethod_9
  500. AddToStartup
  501. name
  502. path
  503. Sendit
  504. kkkA
  505. telegramsender
  506. tokennns
  507. urrid
  508. GetAsyncKeyState
  509. user32
  510. vKey
  511. GetKeyState
  512. nVirtKey
  513. smethod_10
  514. GetShift
  515. smethod_11
  516. smethod_12
  517. kkkAssaa
  518. get_HKB
  519. set_HKB
  520. GetForegroundWindow
  521. user32.dll
  522. GetWindowTextA
  523. hwnd
  524. lpString
  525. GAWT
  526. shiftandcaps
  527. myTimer
  528. TIIMMER
  529. scrti
  530. loloa
  531. kebrd
  532. rzzzzr
  533. Class0
  534. cPass
  535. opera_salt
  536. key_size
  537. pathsss
  538. DOutput
  539. Opass
  540. encryptedData
  541. pHash
  542. smethod_13
  543. smethod_14
  544. smethod_15
  545. smethod_16
  546. smethod_17
  547. smethod_18
  548. smethod_19
  549. smethod_20
  550. smethod_21
  551. smethod_22
  552. smethod_23
  553. smethod_24
  554. smethod_25
  555. smethod_26
  556. smethod_27
  557. smethod_28
  558. smethod_29
  559. smethod_30
  560. smethod_31
  561. smethod_32
  562. CryptUnprotectData
  563. Crypt32.dll
  564. pDataIn
  565. szDataDescr
  566. pOptionalEntropy
  567. pvReserved
  568. pPromptStruct
  569. dwFlags
  570. pDataOut
  571. smethod_33
  572. Datas
  573. smethod_34
  574. smethod_35
  575. encrypt_data
  576. GClass1
  577. db_bytes
  578. page_size
  579. encoding
  580. master_table_entries
  581. SQLDataTypeSize
  582. table_entries
  583. field_names
  584. startIndex
  585. endIndex
  586. IsOdd
  587. method_0
  588. ReadMasterTable
  589. Offset
  590. method_1
  591. ReadTable
  592. TableName
  593. GetRowCount
  594. row_num
  595. field
  596. GetTableNames
  597. baseName
  598. GClass2
  599. Class3
  600. NSS3
  601. hModuleList
  602. LoadLibrary
  603. kernel32.dll
  604. dllFilePath
  605. GetProcAddress
  606. procName
  607. CreateAPI
  608. method
  609. NSS_Shutdown
  610. FreeLibrary
  611. NSS_Inite
  612. configdir
  613. Decrypt
  614. cypherText
  615. data
  616. GClass3
  617. _Url
  618. _Username
  619. _Password
  620. get_Url
  621. set_Url
  622. get_Username
  623. set_Username
  624. get_Password
  625. set_Password
  626. Username
  627. Password
  628. kjdshfi23ur9fjsdfmiowuf9sods
  629. HC_ACTION
  630. WH_KEYBOARD_LL
  631. WM_KEYDOWN
  632. WM_KEYUP
  633. WM_SYSKEYDOWN
  634. WM_SYSKEYUP
  635. KDEvent
  636. KUEvent
  637. SetWindowsHookExA
  638. idHook
  639. lpfn
  640. hmod
  641. dwThreadId
  642. CallNextHookEx
  643. hHook
  644. nCode
  645. wParam
  646. lParam
  647. UnhookWindowsHookEx
  648. add_KD
  649. remove_KD
  650. add_KU
  651. remove_KU
  652. KeyboardProcwew
  653. Class1
  654. _appName
  655. _username
  656. _password
  657. _URL
  658. set_UserName
  659. get_URL
  660. set_URL
  661. get_appName
  662. set_appName
  663. UserName
  664. appName
  665. CryptProtectPromptFlags
  666. value__
  667. CRYPTPROTECT_PROMPT_ON_UNPROTECT
  668. CRYPTPROTECT_PROMPT_ON_PROTECT
  669. CRYPTPROTECT_PROMPTSTRUCT
  670. cbSize
  671. dwPromptFlags
  672. hwndApp
  673. szPrompt
  674. DATA_BLOB
  675. cbData
  676. pbData
  677. record_header_field
  678. size
  679. type
  680. table_entry
  681. row_id
  682. content
  683. sqlite_master_entry
  684. item_type
  685. item_name
  686. astable_name
  687. root_num
  688. sql_statement
  689. FFLogins
  690. _nextId
  691. _logins
  692. _disabledHosts
  693. _version
  694. get_nextId
  695. set_nextId
  696. get_logins
  697. set_logins
  698. get_disabledHosts
  699. set_disabledHosts
  700. get_version
  701. set_version
  702. nextId
  703. logins
  704. disabledHosts
  705. version
  706. Class2
  707. _hostname
  708. _url
  709. _httprealm
  710. _formSubmitURL
  711. _usernameField
  712. _passwordField
  713. _encryptedUsername
  714. _encryptedPassword
  715. _guid
  716. _encType
  717. _timeCreated
  718. _timeLastUsed
  719. _timePasswordChanged
  720. _timesUsed
  721. get_id
  722. set_id
  723. get_hostname
  724. set_hostname
  725. get_url
  726. set_url
  727. get_httprealm
  728. set_httprealm
  729. get_formSubmitURL
  730. set_formSubmitURL
  731. get_usernameField
  732. set_usernameField
  733. get_passwordField
  734. set_passwordField
  735. get_encryptedUsername
  736. set_encryptedUsername
  737. get_encryptedPassword
  738. set_encryptedPassword
  739. get_guid
  740. set_guid
  741. get_encType
  742. set_encType
  743. get_timeCreated
  744. set_timeCreated
  745. get_timeLastUsed
  746. set_timeLastUsed
  747. get_timePasswordChanged
  748. set_timePasswordChanged
  749. get_timesUsed
  750. set_timesUsed
  751. hostname
  752. httprealm
  753. formSubmitURL
  754. usernameField
  755. passwordField
  756. encryptedUsername
  757. encryptedPassword
  758. guid
  759. encType
  760. timeCreated
  761. timeLastUsed
  762. timePasswordChanged
  763. timesUsed
  764. DLLFunctionDelegate6
  765. TargetObject
  766. TargetMethod
  767. BeginInvoke
  768. DelegateCallback
  769. DelegateAsyncState
  770. EndInvoke
  771. DelegateAsyncResult
  772. Invoke
  773. DLLFunctionDelegate
  774. DLLFunctionDelegate4
  775. arenaOpt
  776. outItemOpt
  777. inStr
  778. inLen
  779. DLLFunctionDelegate5
  780. TSECItem
  781. SECItemType
  782. SECItemData
  783. SECItemLen
  784. sadfgbui32yur89usjdf8934rtf
  785. sdicyhsjcjsdnc
  786. scancode
  787. flags
  788. time
  789. dwExtraInfo
  790. KeyboardProcDelegateee
  791. KDEventHandler
  792. KUEventHandler
  793. PRINCE 404
  794. ^1b1
  795. b1[1^1V1
  796. "C7+D
  797. MyTemplate
  798. 14.0.0.0
  799. My.Application
  800. My.User
  801. My.Computer
  802. My.WebServices
  803. 4System.Web.Services.Protocols.SoapHttpClientProtocol
  804. Create__Instance__
  805. Dispose__Instance__
  806. rzzzzr
  807. kebrd
  808. loloa
  809. scrti
  810. TIIMMER
  811. myTimer
  812. WrapNonExceptionThrows
  813. _CorExeMain
  814. mscoree.dll
  815. <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  816. <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  817. <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  818. <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
  819. <security>
  820. <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
  821. <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
  822. </requestedPrivileges>
  823. </security>
  824. </trustInfo>
  825. </assembly>
  826.  
  827. FLOSS static UTF-16 strings
  828. Persistence'False
  829. ------- + INFO + -------
  830. IP:
  831. Owner Name:
  832. OS Name:
  833. OS Version:
  834. OS PlatForm:
  835. RAM Size:
  836. -------------------------
  837. False
  838. shushu
  839. TRUSSTS
  840. contact@frankella.com
  841. smtp.privateemail.com
  842. <redacted>
  843. Results.txt
  844. Clipboardlog.txt
  845. Leyboardlogs.txt
  846. {0:f2} GB
  847. user-agent
  848. Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)
  849. http://checkip.dyndns.org/
  850. <html><head><title>Current IP Check</title></head><body>
  851. </body></html>
  852. Current IP Address:
  853. http
  854. <http>
  855. True
  856. .txt
  857. |------- Results - Clipboard Logs -------|
  858. ---------------------------------------------
  859. Create
  860. Clipboard -
  861. STOR
  862. Clipboard Logs | Client Name:
  863. Tretzhh
  864. Clipboard Logs | Client Name:
  865. |------- Results - Clipboard Logs -------|
  866. Screenshot
  867. .png
  868. \404k
  869. \404k\
  870. Screenshot -
  871. Screenshot | Client Name:
  872. |------ Results - Screenshot ------|
  873. ------------------------
  874. Content-Type
  875. multipart/form-data; boundary=
  876. --{0}
  877. Content-Disposition: form-data; name="document"; filename="{1}"
  878. Content-Type: {2}
  879. --{0}--
  880. POST
  881. api_dev_key
  882. api_user_name
  883. api_user_password
  884. https://pastebin.com/api/api_login.php
  885. Bad API request
  886. api_user_key
  887. api_option
  888. paste
  889. api_paste_code
  890. api_paste_name
  891. api_paste_format
  892. api_paste_private
  893. api_paste_expire_date
  894. https://pastebin.com/api/api_post.php
  895. Read
  896. Write
  897. ToArray
  898. MSGtype12
  899. chrome
  900. zlclient
  901. egui
  902. bdagent
  903. npfmsg
  904. olydbg
  905. anubis
  906. wireshark
  907. avastui
  908. _Avp32
  909. vsmon
  910. mbam
  911. keyscrambler
  912. _Avpcc
  913. _Avpm
  914. Ackwin32
  915. Outpost
  916. Anti-Trojan
  917. ANTIVIR
  918. Apvxdwin
  919. ATRACK
  920. Autodown
  921. Avconsol
  922. Ave32
  923. Avgctrl
  924. Avkserv
  925. Avnt
  926. Avp32
  927. Avpcc
  928. Avpdos32
  929. Avpm
  930. Avptc32
  931. Avpupd
  932. Avsched32
  933. AVSYNMGR
  934. Avwin95
  935. Avwupd32
  936. Blackd
  937. Blackice
  938. Cfiadmin
  939. Cfiaudit
  940. Cfinet
  941. Cfinet32
  942. Claw95
  943. Claw95cf
  944. Cleaner
  945. Cleaner3
  946. Defwatch
  947. Dvp95
  948. Dvp95_0
  949. Ecengine
  950. Esafe
  951. Espwatch
  952. F-Agnt95
  953. Findviru
  954. Fprot
  955. F-Prot
  956. F-Prot95
  957. Fp-Win
  958. F-Stopw
  959. Iamapp
  960. Iamserv
  961. Ibmasn
  962. Ibmavsp
  963. Icload95
  964. Icloadnt
  965. Icmon
  966. Icsupp95
  967. Icsuppnt
  968. Iface
  969. Iomon98
  970. Jedi
  971. Lockdown2000
  972. Lookout
  973. Luall
  974. MCAFEE
  975. Moolive
  976. Mpftray
  977. N32scanw
  978. NAVAPSVC
  979. NAVAPW32
  980. NAVLU32
  981. Navnt
  982. NAVRUNR
  983. Navw32
  984. Navwnt
  985. NeoWatch
  986. NISSERV
  987. Nisum
  988. Nmain
  989. Normist
  990. NORTON
  991. Nupgrade
  992. Nvc95
  993. Padmin
  994. Pavcl
  995. Pavsched
  996. Pavw
  997. PCCIOMON
  998. PCCMAIN
  999. Pccwin98
  1000. Pcfwallicon
  1001. Persfw
  1002. POP3TRAP
  1003. PVIEW95
  1004. Rav7
  1005. Rav7win
  1006. Rescue
  1007. Safeweb
  1008. Scan32
  1009. Scan95
  1010. Scanpm
  1011. Scrscan
  1012. Serv95
  1013. SMCSERVICE
  1014. Snort
  1015. Sphinx
  1016. Sweep95
  1017. SYMPROXYSVC
  1018. Tbscan
  1019. Tds2-98
  1020. Tds2-Nt
  1021. TermiNET
  1022. Vet95
  1023. Vettray
  1024. Vscan40
  1025. Vsecomr
  1026. Vshwin32
  1027. Vsstat
  1028. Webscanx
  1029. WEBTRAP
  1030. Wfindv32
  1031. Zonealarm
  1032. LOCKDOWN2000
  1033. RESCUE32
  1034. LUCOMSERVER
  1035. avgcc
  1036. avgamsvr
  1037. avgupsvc
  1038. avgw
  1039. avgcc32
  1040. avgserv
  1041. avgserv9
  1042. avgserv9schedapp
  1043. avgemc
  1044. ashwebsv
  1045. ashdisp
  1046. ashmaisv
  1047. ashserv
  1048. aswUpdSv
  1049. symwsc
  1050. norton
  1051. Norton Auto-Protect
  1052. norton_av
  1053. nortonav
  1054. ccsetmgr
  1055. ccevtmgr
  1056. avadmin
  1057. avcenter
  1058. avgnt
  1059. avguard
  1060. avnotify
  1061. avscan
  1062. guardgui
  1063. nod32krn
  1064. nod32kui
  1065. clamscan
  1066. clamTray
  1067. clamWin
  1068. freshclam
  1069. oladdin
  1070. sigtool
  1071. w9xpopen
  1072. Wclose
  1073. cmgrdian
  1074. alogserv
  1075. mcshield
  1076. vshwin32
  1077. avconsol
  1078. vsstat
  1079. avsynmgr
  1080. avcmd
  1081. avconfig
  1082. licmgr
  1083. sched
  1084. preupd
  1085. MsMpEng
  1086. MSASCui
  1087. Avira.Systray
  1088. \tmpG
  1089. .tmp
  1090. software\microsoft\windows\currentversion\run
  1091. |------- Results - Passwords -------|
  1092. ---------------------------------------------
  1093. Results -
  1094. PSWD | Client Name:
  1095. Vavaa
  1096. ---------------------------------------------
  1097. Results
  1098. PSWD | Client Name:
  1099. |------- Results - Passwords -------|
  1100. https://api.telegram.org/bot
  1101. /sendMessage?chat_id=
  1102. &text=
  1103. |------- Results - Keyboard Logs -------|
  1104. Keyboard -
  1105. Keyboard Logs | Client Name:
  1106. |------- Results - Keyboard Logs -------|
  1107. [BACK]
  1108. [F1]
  1109. [F2]
  1110. [F3]
  1111. [F4]
  1112. [F5]
  1113. [F6]
  1114. [F7]
  1115. [F8]
  1116. [F9]
  1117. [F10]
  1118. [F11]
  1119. [F12]
  1120. [TAB]
  1121. [END]
  1122. [ESC]
  1123. https://myip.dnsomatic.com
  1124. ==== + Outlook + ====
  1125. URL:
  1126. Email:
  1127. Password:
  1128. =============================
  1129. IMAP Password
  1130. POP3 Password
  1131. HTTP Password
  1132. SMTP Password
  1133. Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
  1134. Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
  1135. Software\Microsoft\Windows Messaging Subsystem\Profiles\9375CFF0413111d3B88A00104B2A6676
  1136. Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
  1137. Email
  1138. GetBytes
  1139. SMTP Server
  1140. Nothing
  1141. Outlook
  1142. SOFTWARE\Classes\Foxmail.url.mailto\Shell\open\command
  1143. Foxmail.exe
  1144. Storage\
  1145. \Accounts\Account.rec0
  1146. Account
  1147. POP3Account
  1148. Password
  1149. POP3Password
  1150. ==== + Foxmail + ====
  1151. E-Mail: {0}
  1152. Password: {0}
  1153. \Google\Chrome\User Data\Default\Login Data
  1154. ReadTable
  1155. logins
  1156. GetRowCount
  1157. GetValue
  1158. origin_url
  1159. username_value
  1160. password_value
  1161. ==== + Google Chrome + ====
  1162. Host:
  1163. Username:
  1164. AppData
  1165. \.purple\accounts.xml
  1166. protocol
  1167. name
  1168. password
  1169. ===== + Pidgin + =====
  1170. Protocol:
  1171. \Liebao7\User Data\Default\EncryptedStorage
  1172. entries
  1173. str3
  1174. str2
  1175. blob0
  1176. ===== + Liebao + =====
  1177. Host:
  1178. \AVAST Software\Browser\User Data\Default\Login Data
  1179. snigol
  1180. lru_nigiro
  1181. eulav_emanresu
  1182. eulav_drowssap
  1183. ===== + Avast + =====
  1184. Host:
  1185. \Tencent\QQBrowser\User Data\Default\Login Data
  1186. ==== + QQ Browser + ====
  1187. Host:
  1188. \Orbitum\User Data\Default\Login Data
  1189. ==== + Orbitum Browser + ====
  1190. Host:
  1191. \CocCoc\Browser\User Data\Default\Login Data
  1192. ==== + Coc Coc Browser + ====
  1193. Host:
  1194. \Slimjet\User Data\Default\Login Data
  1195. ==== + Slimjet Browser + ====
  1196. Host:
  1197. \Iridium\User Data\Default\Login Data
  1198. ==== + Iridium Browser + ====
  1199. Host:
  1200. \Vivaldi\User Data\Default\Login Data
  1201. ==== + Vivaldi Browser + ====
  1202. Host:
  1203. \Chromium\User Data\Default\Login Data
  1204. ==== + Iron Browser + ====
  1205. Host:
  1206. ==== + Chromium Browser + ====
  1207. Host:
  1208. \GhostBrowser\User Data\Default\Login Data
  1209. ==== + Ghost Browser + ====
  1210. Host:
  1211. \CentBrowser\User Data\Default\Login Data
  1212. ==== + Cent Browser + ====
  1213. Host:
  1214. \Xvast\User Data\Default\Login Data
  1215. ==== + Xvast Browser + ====
  1216. Host:
  1217. \Chedot\User Data\Default\Login Data
  1218. ==== + Chedot + ====
  1219. Host:
  1220. \SuperBird\User Data\Default\Login Data
  1221. ==== + SuperBird Browser + ====
  1222. Host:
  1223. \360Browser\Browser\User Data\Default\Login Data
  1224. ==== + 360 Browser + ====
  1225. Host:
  1226. \360Chrome\Chrome\User Data\Default\Login Data
  1227. \Comodo\Dragon\User Data\Default\Login Data
  1228. ==== + Comodo Dragon + ====
  1229. Host:
  1230. \BraveSoftware\Brave-Browser\User Data\Default\Login Data
  1231. ==== + Brave Browser + ====
  1232. Host:
  1233. \Torch\User Data\Default\Login Data
  1234. ==== + Torch Browser + =====
  1235. Host:
  1236. \UCBrowser\User Data_i18n\Default\UC Login Data.18
  1237. wow_logins
  1238. ==== + UC Browser + =====
  1239. Host:
  1240. \Blisk\User Data\Default\Login Data
  1241. ==== + Blisk Browser + =====
  1242. Host:
  1243. \Epic Privacy Browser\User Data\Default\Login Data
  1244. ==== + Epic Browser + =====
  1245. Host:
  1246. ataD nigoL\elbatS arepO\erawtfoS arepO\
  1247. tad.dnaw\eliforp\arepO\arepO\
  1248. ==== + Opera Browser + ====
  1249. Host:
  1250. APPDATA
  1251. \FileZilla\recentservers.xml
  1252. Host
  1253. User
  1254. Pass
  1255. Port
  1256. ===== + FileZilla + =====
  1257. Host:
  1258. Username:
  1259. Password:
  1260. Port:
  1261. abcdefghijklmnopqrstuvwxyz1234567890_-.~!@#$%^&*()[{]}\|';:,<>/?+=
  1262. IndexOf
  1263. Substring
  1264. UNIQUE
  1265. table
  1266. Mozilla\Firefox\Profiles
  1267. logins.json
  1268. ===== + FireFox + =====
  1269. Host:
  1270. =============================
  1271. Thunderbird\Profiles\
  1272. ===== + Thunderbird + =====
  1273. Host:
  1274. Mozilla\SeaMonkey\Profiles
  1275. ===== + SeaMonkey + =====
  1276. Host:
  1277. Comodo\IceDragon\Profiles
  1278. ===== + Comodo IceDeagon + =====
  1279. Host:
  1280. 8pecxstudios\Cyberfox\Profiles
  1281. ===== + Cyber Fox + =====
  1282. Host:
  1283. Moonchild Productions\Pale Moon\Profiles
  1284. ===== + Pale Moon + =====
  1285. Host:
  1286. NSS_Shutdown
  1287. PROGRAMFILES
  1288. \Mozilla Thunderbird\
  1289. \Mozilla Firefox\
  1290. \SeaMonkey\
  1291. \Comodo\IceDragon\
  1292. \Cyberfox\
  1293. \Pale Moon\
  1294. \mozglue.dll
  1295. \nss3.dll
  1296. NSS_Init
  1297. https://pastebin.com/api/api_login.php
  1298. https://pastebin.com/api/api_post.php
  1299. VS_VERSION_INFO
  1300. VarFileInfo
  1301. Translation
  1302. StringFileInfo
  1303. 000004b0
  1304. FileDescription
  1305. FileVersion
  1306. 0.0.0.0
  1307. InternalName
  1308. PRINCE 404.exe
  1309. LegalCopyright
  1310. OriginalFilename
  1311. PRINCE 404.exe
  1312. ProductVersion
  1313. 0.0.0.0
  1314. Assembly Version
  1315. 0.0.0.0
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!