mirror of
https://github.com/Gi7w0rm/MalwareConfigLists
synced 2024-06-28 09:53:06 +00:00
|
SELECT * FROM Win32_DiskDrive
|
||
|
SerialNumber
|
||
|
-
|
||
|
77.73.133.83
|
||
|
15647
|
||
|
09.01 #2
|
||
|
True
|
||
|
https://pastebin.com/raw/NdY0fAXm
|
||
|
p8Ga5rmzt0SWaIMgO1D9P2eA/on1sj+MugV7SZOjq/c=
|
||
|
Receive
|
||
|
Type
|
||
|
ReceiveEncryptionStatus
|
||
|
Software\Microsoft\Windows\CurrentVersion\Policies\System
|
||
|
ConsentPromptBehaviorAdmin
|
||
|
0
|
||
|
Status
|
||
|
On
|
||
|
%USERPROFILE%\AppData\Local\Battle.net
|
||
|
%USERPROFILE%\AppData\Local\Chromium\User Data
|
||
|
%USERPROFILE%\AppData\Local\Google\Chrome\User Data
|
||
|
%USERPROFILE%\AppData\Local\Google(x86)\Chrome\User Data
|
||
|
%USERPROFILE%\AppData\Roaming\Opera Software\
|
||
|
%USERPROFILE%\AppData\Local\MapleStudio\ChromePlus\User Data
|
||
|
%USERPROFILE%\AppData\Local\Iridium\User Data
|
||
|
%USERPROFILE%\AppData\Local\7Star\7Star\User Data
|
||
|
%USERPROFILE%\AppData\Local\CentBrowser\User Data
|
||
|
%USERPROFILE%\AppData\Local\Chedot\User Data
|
||
|
%USERPROFILE%\AppData\Local\Vivaldi\User Data
|
||
|
%USERPROFILE%\AppData\Local\Kometa\User Data
|
||
|
%USERPROFILE%\AppData\Local\Elements Browser\User Data
|
||
|
%USERPROFILE%\AppData\Local\Epic Privacy Browser\User Data
|
||
|
%USERPROFILE%\AppData\Local\uCozMedia\Uran\User Data
|
||
|
%USERPROFILE%\AppData\Local\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer
|
||
|
%USERPROFILE%\AppData\Local\CatalinaGroup\Citrio\User Data
|
||
|
%USERPROFILE%\AppData\Local\Coowon\Coowon\User Data
|
||
|
%USERPROFILE%\AppData\Local\liebao\User Data
|
||
|
%USERPROFILE%\AppData\Local\QIP Surf\User Data
|
||
|
%USERPROFILE%\AppData\Local\Orbitum\User Data
|
||
|
%USERPROFILE%\AppData\Local\Comodo\Dragon\User Data
|
||
|
%USERPROFILE%\AppData\Local\Amigo\User\User Data
|
||
|
%USERPROFILE%\AppData\Local\Torch\User Data
|
||
|
%USERPROFILE%\AppData\Local\Yandex\YandexBrowser\User Data
|
||
|
%USERPROFILE%\AppData\Local\Comodo\User Data
|
||
|
%USERPROFILE%\AppData\Local\360Browser\Browser\User Data
|
||
|
%USERPROFILE%\AppData\Local\Maxthon3\User Data
|
||
|
%USERPROFILE%\AppData\Local\K-Melon\User Data
|
||
|
%USERPROFILE%\AppData\Local\Sputnik\Sputnik\User Data
|
||
|
%USERPROFILE%\AppData\Local\Nichrome\User Data
|
||
|
%USERPROFILE%\AppData\Local\CocCoc\Browser\User Data
|
||
|
%USERPROFILE%\AppData\Local\Uran\User Data
|
||
|
%USERPROFILE%\AppData\Local\Chromodo\User Data
|
||
|
%USERPROFILE%\AppData\Local\Mail.Ru\Atom\User Data
|
||
|
%USERPROFILE%\AppData\Local\BraveSoftware\Brave-Browser\User Data
|
||
|
%USERPROFILE%\AppData\Local\Microsoft\Edge\User Data
|
||
|
%USERPROFILE%\AppData\Local\NVIDIA Corporation\NVIDIA GeForce Experience
|
||
|
%USERPROFILE%\AppData\Local\Steam
|
||
|
%USERPROFILE%\AppData\Local\CryptoTab Browser\User Data
|
||
|
%USERPROFILE%\AppData\Roaming\Mozilla\Firefox
|
||
|
%USERPROFILE%\AppData\Roaming\Waterfox
|
||
|
%USERPROFILE%\AppData\Roaming\K-Meleon
|
||
|
%USERPROFILE%\AppData\Roaming\Thunderbird
|
||
|
%USERPROFILE%\AppData\Roaming\Comodo\IceDragon
|
||
|
%USERPROFILE%\AppData\Roaming\8pecxstudios\Cyberfox
|
||
|
%USERPROFILE%\AppData\Roaming\NETGATE Technologies\BlackHaw
|
||
|
%USERPROFILE%\AppData\Roaming\Moonchild Productions\Pale Moon
|
||
|
Yandex\YaAddon
|
||
|
|||
|
||
|
x64
|
||
|
SOFTWARE\Microsoft\Windows NT\CurrentVersion
|
||
|
ProductName
|
||
|
CSDVersion
|
||
|
SOFTWARE\WOW6432Node\Clients\StartMenuInternet
|
||
|
shell\open\command
|
||
|
"
|
||
|
FileSystem
|
||
|
SELECT * FROM Win32_Processor
|
||
|
Name
|
||
|
NumberOfCores
|
||
|
root\CIMV2
|
||
|
SELECT * FROM Win32_VideoController
|
||
|
AdapterRAM
|
||
|
0 Mb or 0
|
||
|
SELECT * FROM Win32_OperatingSystem
|
||
|
{0}{1}{2}
|
||
|
Login Data
|
||
|
Web Data
|
||
|
Cookies
|
||
|
Opera GX Stable
|
||
|
AppData\Roaming\
|
||
|
_[
|
||
|
]
|
||
|
\
|
||
|
(
|
||
|
UNIQUE
|
||
|
Network\
|
||
|
f2f279c5-e59e-4bc9-8709-ab92ee395ecb99
|
||
|
.
|
||
|
1
|
||
|
windows-1251
|
||
|
bcrypt.dll
|
||
|
AES
|
||
|
Microsoft Primitive Provider
|
||
|
ChainingModeGCM
|
||
|
BCryptOpenAlgorithmProvider
|
||
|
ChainingMode
|
||
|
BCryptSetProperty
|
||
|
ObjectLength
|
||
|
BCryptGetProperty
|
||
|
KeyDataBlob
|
||
|
BCryptImportKey
|
||
|
AuthTagLength
|
||
|
BCryptDecrypt
|
||
|
BCryptDestroyKey
|
||
|
BCryptCloseAlgorithmProvider
|
||
|
cmedit_cards
|
||
|
MANGO
|
||
|
SELECT * FROM Win32_Process Where SessionId='
|
||
|
[
|
||
|
MetaC
|
||
|
%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
|
||
|
ChainC
|
||
|
%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
|
||
|
TronC
|
||
|
%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
|
||
|
CBitC
|
||
|
%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\ckpaelocniggkheibcacecnmmlmeodfa
|
||
|
MetaB
|
||
|
%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
|
||
|
ChainB
|
||
|
%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
|
||
|
TronB
|
||
|
%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
|
||
|
CBitB
|
||
|
%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\ckpaelocniggkheibcacecnmmlmeodfa
|
||
|
AtomL
|
||
|
%appdata%\atomic
|
||
|
ExodL
|
||
|
%appdata%\exodus
|
||
|
ElectrL
|
||
|
%appdata%\electrum
|
||
|
DaedL
|
||
|
%appdata%\Daedalus Mainnet\
|
||
|
NONE
|
||
|
http://eth0.me
|
||
|
{"Type":"ConnectionType","ConnectionType":"Client","SessionID":"
|
||
|
","BotName":"
|
||
|
","BuildID":"
|
||
|
","BotOS":"
|
||
|
SELECT Caption FROM Win32_OperatingSystem
|
||
|
Caption
|
||
|
","URLData":"
|
||
|
","UIP":"
|
||
|
"}
|