To the point:
Go to the log, then to the "wallets" folder, then to "Exodus".
Download the Exodus client.
All you need to do is replace the files in the %AppData%\Roaming\Exodus\exodus.wallet \ folder with the files from the log and launch the client.
Electrum:
Download the Electrum clientWe open the client file from the log, select the password, the passwords are in the log (Passwords.txt), if you can't find a pass, it is possible that the person who got caught on stiller stores a mnemonic phrase for wallet backup (look for the phrase in the FileGrabber folder).
Any qt:
If it's simple, then qt-wallet. dat is in your log. It can be MinexCoin, Dogecoin, Bitcoin, Litecoin, etc. In order to find out the balance, you need to open wallet. dat via a regular notepad. Press Ctrl + F, enter "name" and press Enter.
Name - this is the wallet address that is hidden in this folder. And now, by copying the received address, we can check its contents on the exchange. There are coins that do not have their own blockchain, in this case, you will not be able to resort to this option.
In this example, copy the value "XXs3Mduh8kxPbgqFQKwGWYM9YjH5R6SYbK"
Now go to the search engine and write "/ wallet name / explorer". In this case, "minexcoin explorer":
Click on the link, insert the address and see the balance:
Go to coinmarketcap or Trust Wallet, see how much this coin costs:
In this case, this is a penny, and you should not even bother with the withdrawal. If you have money, then download the coin wallet from the off. site - write in Google "Minexcoin wallet", for example. Downloaded - change the wallet.dat file in the folder C:\Users\computername\AppData\Roaming\name from your wallet\ and then use your wallet to withdraw money wherever you want.
By the way, not all unpopular coins are available on exchanges. To find out where we can withdraw coins, you need to see where the coin is being traded. For this purpose, the same coinmarketcap has a section just below:
Here we see the exchanges where the coin is traded. We start an account there and withdraw our coins. Here I think everything is simple.
And now you will understand why it is so necessary to have a font grabber of files in the stiller functions. Redline has a very flexible configuration for grabbing files - you can set the path, file type, maximum size, etc. You don't need to configure it for everything in a row .Just set it to.txt and .doc files from the desktop. For some reason, many victims like to store data there, and sometimes sign something from what.
Let's go in order. The first thing we see in this example is 12 words for restoring a blockchain wallet. There is also a username above, but no password. The password, by the way, is most likely suitable from the file with logs/passes. But that's not the point right now.
If there are 12 words, then we can not search for the pass, but immediately restore the funds. To do this, go to the blockchain
Enter 12 words:
We come up with an email address, password, and check the box
We get into the wallet. And, accordingly, we can safely deduce what is there.
If there is such a thing in the text file:
Monero generates a private key for the login. Therefore, if you see such a picture, then this is the entrance itself. We act by analogy with the blockchain - we go to the site, enter 13 words (all coins have a different number of words) and look at the balance. Output it.
For Ethereum, the login for logging in can look like this:
Go to the myetherwallet site:
We see the balance. It doesn't exist here, but always check whether tokens are attached to the address:
There are tokens, but they are not traded anywhere. If they had a value, then the price would be next to the quantity. Something like this:
Getting to mail is extremely important. We look at the logs for sites related to crypt. These can be:
https://www.blockchain.com/
Welcome to FaucetHub.io | FaucetHub - Bitcoin Micropayment Service
and so
HashFlare - Maintenance
hashflare.io
You should also look at the following exchanges: Exmo, Binance, Bittrex, Cryptopia, Yobit, Livecoin, StocksExchange.
You should always keep your email open, because most sites require confirmation to log in via email. Once you've read the email, delete it in the trash and then out of the trash.
Often, the entrance costs additional protection - 2 Factor Authentication (2FA)
This is a 6-digit code that you need to enter in the special field at the entrance. To do this, you need to look for a backup copy of this code in the stiller log. It can be either in text form or in the form of a QR code. We download the Google Autentification app to our phone, scan the code or enter text. Now we have a 6-digit code generated on our phone, the same as on the phone of the owner of account.
