Main Features:
- .NET
- Coded in Visual Basic .NET, Client required framework 2.0 or 4.0 dependency, And server is 4.0
- Connection
- Using pastebin.com as ip:port , Instead of noip.com DNS. And Also using multi-ports
- Plugin
- Using plugin system to decrease stub's size and lower the AV detection
- Encryption
- The communication between server & client is encrypted with AES
- Spreading
- Infecting all files and folders on USB drivers
- Bypass
- Low AV detection and undetected startup method
- Lightweight
- Payload size is about 25 KB
- Anti Virtual Machines
- Uninstall itself if the machine is virtual to avoid scanning or analyzing
- Ransomware
- Encrypting files on all HHD and USB with .Lime extension
- XMR Miner
- High performance Monero CPU miner with user idle\active optimizations
- DDoS
- Creating a powerful DDOS attack to make an online service unavailable
- Crypto Stealer
- Stealing Cryptocurrency sensitive data
- Screen-Locker
- Prevents user from accessing their Windows GUI
- And more
- On Connect Auto Task
- Force enable Windows RDP
- Persistence
- File manager
- Passowrds stealer
- Remote desktop
- Bitcoin grabber
- Downloader
- Keylogger