10-11-2024, 04:37 PM
(This post was last modified: 10-15-2024, 10:26 AM by SHARKSTEALER.)
SHARKSTEALER represents the latest evolution in cyber data-theft. Based on our QA process that we applied to the product, it is functional on all Windows 7 x64 to Windows 11 x64 systems. It's mostly FUD malware (static and runtime).
The 'clean' stub (without using program-cloning) weighs about 200kb~, also, it does not require any external dependencies/libraries, that is one of the reasons why our stealer is functional on all systems.
The program-cloning just mentioned is an option of the SHARKSTEALER builder that gives you the ability to clone the attributes of any legitimate executable into the build you generate; this option makes the final build weigh around 200kb~ to 350kb~.
Steals all installed certificates (Personal Information Exchange - .pfx) on the system. Steals all the information from the 9 most popular browsers, both Gecko based and Chromium based browsers. Steals 54 browser extensions, both crypto-wallets and 2FA browser extensions. Also it steals 12 system installed cold-wallets, like Exodus. Steals 14 programs, such as OpenVPN, OpenSSH, Telegram, Discord, Steam or Epic Games. It steals the contents of the clipboard and takes a screenshot at the time of infection. Extensive system-enumeration to know the infected system perfectly.
SHARKSTEALER has the best file-grabber if you are a real malware operator. It detects and steals all files up of the infected user, detects and steals the files with following extensions: .pfx, .p12, .spc, .crt, .pem, .cer, .der, .p7b, .p7c, .ovpn (open vpn config), .jnpr (juniper vpn config), .pfc (cisco vpn config), .kdbx, .py, .conf, .conf, .bat, .cmd, .ps1, .pl, .php, .sh, .lua, .yml, .yaml, .txt, .png, .jpg, .jpeg, .pdf, .doc, .docx, .docm, .dotm, .xls, .xlsx, .xlsxm, .ppt, .pptx, .pptm, .csv, .rtf, .kt, .jspx, .jsp, .java, .cs, .hpp, .h, .c, .cpp, .rdp.
For example, this gives the operator the possibility that if the infected person has .pfx on the disk but not installed, the file-grabber will manage to steal it. All logs received from the infected are received in a private telegram group in which you are with the SHARKSTEALER telegram bot. The stub is checked (static and runtime) and cleaned every 7 days to ensure that the SHARKSTEALER is mostly undetectable (FUD).
Features
- Tested on all Windows 7 x64 to Windows 11 x64 systems
- Steals all installed certificates on the system
- Steals all the information from the 9 most popular browsers, both Gecko based and Chromium based browsers
- Steals 12 system installed cold crypto wallets
- Steals 14 programs
- Steals 37 browser extension crypto wallets
- Steals 17 authenticator and password manager browser extensions
- Steals plenty of files of multiple extensions
- Stub checked and cleaned every 7 days
Technical information
- Coded in C/C++ & MASM x64
- Detects if it's running in a VM (Virtual Machine) & advanced sandbox evasion
- Use of native Windows APIs (Syscalls) when needed
- 'Clean' stub build (without program-cloning) weighs around 100-150kb~ using UPX
- Stub unhooks NTDLL.DLL and patches ETW syscall for blinding user-land telemetry system information sources
- For more technical questions, contact SHARKSTEALER Malware administrator
Pricing
Two-Day License Time
- Access to telegram bot to receive stealer logs (zips)
- 24/7 support in English and Russian
- Highly undetectable, at present completely undetectable. FUD
Price: $50
One-Week License Time
- Access to telegram bot to receive stealer logs (zips)
- 24/7 support in English and Russian
- Highly undetectable, at present completely undetectable. FUD
Price: $100 / week
One-Month License Time
- Access to telegram bot to receive stealer logs (zips)
- 24/7 support in English and Russian
- Highly undetectable, at present completely undetectable. FUD
Price: $250 / month
Want to buy our service but don't have telegram?
You can message us with https://tox.chat/ using ID 3895BC91069C7647E9D1A175C802FE26AD945DAFAE8ED5669074E05EEACD9E1AC8AD64B6A96A
After payment, we will help you with creating/providing a telegram account in case you don't/can't have one.
Further information about the stealer can be found at our group https://t.me/sharkstealer
Telegram account https://t.me/SHARKSTEALERADMIN