Working with a stealer from A to Z

Lord777

Working with a stealer from A to Z. We earn money on cryptocurrency. Review. The project itself and the opinion.

Choosing a Stealer

Ideal option for the price/quality ratio - RedLine

The price is from $100 per month up to $500 for a perpetual license.

If there is not so much money, then go to lolz>trade>private software and take there within 1000-5000 r any. You can't do any serious business with them, but it's good for you to get acquainted with them.

Getting logs:

Purchased installations are almost identical everywhere, and 90% are simply resold from each other.

http://shop1.host - the most normal option from purchased installations, no matter what anyone says about this service. I recommend pouring a mix of the world and a mix of Europe, and do not touch the rest of the streams.

I do not advise you to go and register on the stock exchange, as for me - it's not worth it.

The most ideal log sources for us will be from google/facebook / email spam/shell. Unfortunately, we currently do not train in these areas.

Youtube will be the best option for us, the quality is higher than the exchange, and the costs will be zero if desired.

Choosing vps for the stealer panel:

(if needed)

Usually, when buying a stealer, you are immediately given recommended links to the servers and the necessary characteristics. From myself, I’ll just add that the RedLine stealer feels good on https://mvps.net with a Windows server for 16 euros / month.

Don't forget that your server can get banned at any time. At the time of writing this message, my server is 4+months old and there were no blockages.

Crypting our stealer

A bare build usually has a ton of detectors, and you can get a block of the stealer license for using a non-encrypted build.

There are options for crypt through a bot, there are options directly through people.

I also recommend buying software for crypt and using it to crypt. So it will be much cheaper, and the quality will be plus/minus the same.

I will not advise any particular crypter, because if everyone uses one, then the crypt will die faster and gain detectors.

Connect to the vpn and log in to https://hackforums.net/ -> Cryptography and Encryption market. Choose one. Be sure to check with the seller whether the crypter supports your stealer and preferably ask for a trial for the test. Or you can waste your money.

Checking the build / crypt for detections:

You can't check anywhere, because your file can fly to the antivirus database and then you can forget about crypts, the file will instantly gain detection.

Free services:

Paid services:

The ideal option is to have 0 detectors. But this doesn't always happen. We will use the statistics below.

According to statistics from the stealer: more than 50% of people use Windows Defender, about 40% do not use antivirus software at all. The rest use Avast/Kaspersky/McAfee. All other antivirus programs are very rare.

Accordingly, if you have 1-2 detections and one of them is Windows Defender, such a crypt is garbage and it will not suit us.

If we have 3-5 detectors and they are all not popular, but we see some names for the first time - this is our option if we can't completely get rid of the detectors.

dyncheck has a RunTime file check, which is more expensive, but will show a more realistic detection of your file.

Do not forget that all these checkers give only an approximate result and 2 checks in a row on the same service may have different detectors.

How to beat a bad stealer knock:

A good percentage will be if you receive more than 70% of your logs. But it happens that just from scratch the knock fell. We spilled 1000 installs, but received 500 or even less.

Several reasons:

1. Your server where the stealer is located has collected anti-virus detectors. This is completely normal. We periodically scan your server IP on the same sites where you check your file. If there are detections and the tap is dropped, you should change the server.

2. You need to change the port in the panel (if used).

3. Change the VPS or take a more expensive option.

4. Rewrite the file. Sometimes this happens and the rewrite helps.

5. Create a new build, especially if it was recently cleaned.

6. You are simply being deceived by someone who pours you installations.

Reducing detections/increasing detections:

A small file weight has a positive effect on the number of logs, and adding an icon and cloning information from another file has a positive effect on reducing detections. Usually these functions are available in crypters or in the stealer panel.

For cloning, you should not use popular applications or files from Windows folders. This can add detectors on the contrary.

Also, if your stealer drags tons of information from the computer, you may need to remove something and the percentage of knocking will increase.

Where to fill in our stealer:

You can't upload the file to file sharing sites, because file sharing sites check files for viruses and you will receive bonus detectors.

You can upload the file in the archive and under a password.

For mass mailing lists, we do this:

Archive with the password + .txt file with the password is thrown into the archive and the archive itself is filled in.

If we need to get a direct link to the file, then we buy a domain+hosting and upload it there. There may also be a problem that the browser will not allow you to download the file due to the fact that it is not downloaded much. We will fix this with an ssl certificate, an old domain(we buy it at auctions) , and by purchasing installations on your link

Automating the receipt of logs:

It is quite problematic to check logs with your hands, especially if we need to find, for example, YouTube channels or valid fbs. Or some link in the logs.

In this case, the software helps us. You should choose it depending on what links you need.

A lot of software is sold on the lolz forum, in the "Private software" section.

For a check on YouTube and fb, I recommend taking a closer look at the DenDevil checker. And for sorting by links to the sorter from Alexa.

The list of links may be useful to someone:


Farming cold wallets:

Owners very often record/save their key phrases to crypto wallets on their computer. We just need to collect them.

Main locations:

1) Desktop\documents\downloads folder-search for text documents and check for keywords. Or images\files with the name wallet\seed\phrase\etc. You will quickly gain an understanding of which files should be skipped and which should probably be checked.

2) Telegram. Many stealers collect telegram sessions. Here we search for phrases in saved messages(Favorites).

3) Email address. We check the sent emails. Sometimes the owner sends himself an email with important information. Also, go and check out Google Drive, photos and documents.

4) Mega.nz - a cloud of files where people upload everything from personal photos to documents. It occurs in ~10% of logs and almost all are valid. You don't need to sign in with 2FA or anything else.

On some exchanges or web wallets, it is possible to make a backup of the seed phrase. If we log in and see that there is no activity on the wallet or it was before us, then we make a backup and take the last phrase.

There is an app for your phone - TrustWallet. You can enter up to 15 keywords in it and send a notification. If you receive money to any wallet, you will immediately know about it.

Working with the desktop wallet grabber:

Your stealer most likely collects desktop wallets - bitcoin, litecoin, exodus, and others.

From regular desktop wallets, we will have a wallet.dat file and a folder with the wallet name. Open the file with a text editor and search for the word name. Next to it will be an address, which we enter in the explorer and check for the balance. If you have a balance, download the wallet, replace the file, and try to withdraw it.

We usually get the electrum folder from electrum wallets. Everything is simple here, download the electrum wallet and open the file through it.

From multi-currency wallets, we will get a folder with files that we need to replace in our folder. Come here - C:\Users\Yourname\AppData\Roaming and we are looking for the folder of our wallet. Do not forget to install it at the beginning ;)

Often there is a password on the wallet. Unfortunately, we don't have many options here. We are trying to find a password from the text box with the passwords that the stealer stole. Sometimes the password can be found in text files and in telegram (if the stealer collects them).

Getting started:

We will need:

1) Browser to work with

2) Proxy/vpn

Budget option:

Firefox / Waterfox+quick manager Cookie plugin+HMA vpn(it has about 300 countries to choose from. The site is not available in Russia and this is a bonus for us-ip is more or less clean and not killed by schoolchildren)

The best option for us will be:

Cypher/Linken Sphere+911.re

Let's analyze the work with the budget option. But in the future, it is advisable to switch to the paid version.

1) Download the browser or use the already installed one.

2) Download Cookie quick manager

3) Clear cookies: Settings - >Privacy and Security->Delete data.

4) Download the vpn or use the already installed one. Link for HMA - https://my.hidemyass.com , but you will have to connect to any other vpn.

5) Connect the vpn to the country of the log, it can be determined by the folder name or by the information in the .txt file of the log.

6) Loading our cookies: Manage all cookies:

Restore cookies from file:

Go to the log folder and look for the cookie file, usually it has the name Cookies or .txt file with the browser name. We take the largest cookies in terms of volume, if there are several of them.

7) Go to yandex. Mail. Immediately open the tabs - gmail.com, yahoo.com, outlook.live.com and we'll see if it's been sent to our email address. If it doesn't work, you might want to try downloading other cookies and deleting the previous ones. Or use the password file.txt from the log and try logging in yourself.

First of all, we need to find profitable links, a small list is in the channel with manuals and you can add them to your stealer so that the log is marked if it has the right link.

We decided on the links, for example this binance.com and blockchain.com:

In your file passwords.txt there must be a username/password, we look at it and use it. We try to log in to binance by using cookies, just by opening the site. Sometimes it lets you in.

Do you have a balance? Great, if the account does not have 2FA, then we just make a withdrawal to your wallet, confirming the withdrawal by email.

Is it worth 2FA? A problem of course, but not a big one. If you are sure that there is a good amount on your balance - this can be determined by the letters about depositing/withdrawing funds in the mail, that is, people who withdraw 2FA for a percentage and bypass any verifications.

With blockchain.com everything is much simpler. Log in using your username / password->you will receive an email message to confirm your login->confirm and log in. 2FA is very rare here, less than 10% of people have it. If we only know that an account is registered for this email address and nothing else, then go to blockchain.com->Login and restore your username, it will be sent to your email address. Knowing your username, you can already try to choose a password.

I recommend that you immediately delete your emails from the log owner's email address or send them to spam.

We will also work with other crypto exchanges for similar actions.

We get free and high-quality videos for our YouTube channel:

The scheme is simple, proven and works.

We publish a Video Editor vacancy.

We describe it within reason, do not bend the salary or promise something exorbitant. People start emailing us and asking about our work. We wait 15-20 hours and tell them that the vacancy is still available and you are ready to hire a person. But you will not take just anyone, and this requires you to complete a small test task, namely, to make a video.

The pros are that you can spam everywhere en masse, the vacancy does not belong to something forbidden, and moderators always skip it and do not delete it. And if you also hire a person for spam and make an autoresponder to the email....)

This scheme can be customized.

Example of a decorated stealer archive

Archive.

In the archive .txt file with instructions

Archive with stealer and .bat file to kill Windows Defender. Files with a password.

The icon and description correspond to the file name.

At startup, the user receives a fake window with an error.

Almost any crypter has a fake error function and can add an icon\description.

Getting the logs of the countries we need:

Installs are installations of your file on the user's computer. If the user is asleep and the computer is turned off, the file will not start accordingly.

Selecting night time for countries that you don't want to see in your logs. Or vice versa - we select daytime/evening time for the countries we need.

Manual for working with install services

The first thing to know is that the logs go into several hands and you need to work them out in the very near future. Or another person will do it for you. So everywhere and there are no exceptions.

If you buy two streams of 1000 installs at the same time, you get an intersection in your logs. As a result, logs will be received only from one thread, and the money for the second one will be wasted.

Buying 1000 installations and immediately after completing another 1000-you risk getting the same intersections, in the second stream there will be duplicate logs from the first stream. Buy 2000 or any desired amount in one stream at once. Or take a break between streams for at least a day.

You can always take fewer installs. 100, 250, or any other number. The price tag is indicated for 1000, respectively, for 100 you will pay 10 times less.

Don't forget that you can pause the stream or replace the file at any time(if there are detections). Do not wait until 1000 installs are spilled, if you see that you have received the desired log, then immediately pause it. Or maybe you need to leave on your own business, we also put a pause. This will help you avoid wasting your logs.

Promoting your site:

This bundle works quite well, but requires time and financial costs.

1. Your own site of any fake software that may not even exist. I advise you to consider the topic of "Windows boosters".

2. YouTube channel where we publish videos.

3. Social networks-ideally cover this point to the maximum, but you can only take Instagram and Telegram.

Our goal is to make the site as much like a live site as possible.

Safety

Tools that we will use:

1.VeraCrypt: https://www.veracrypt.fr/en/Downloads.html

Choose a portable or a regular version as you like.

2. Browser

Here everyone has their own preferences.

I recommend Mozilla and chrome. I use fox myself, because it loads less of our car.

3. Virtual machine

3.1 Virtual Box: https://www.virtualbox.org/wiki/Downloads

3.2 Extension: the same link at the top says "VirtualBox 6.1.18 Oracle VM VirtualBox Extension Pack"

3.3 Windows image: https://windows64.net/44-windows-7-maksimalnaya-64-bit-russkiy.html. You can take Windows 10, I'm used to the seven.

3.4 And most importantly Whonix: https://www.whonix.org/wiki/VirtualBox/XFCE

Go to the installation itself.

Install Virtual Box and Whonix( you only need a GateWay, you can delete the WorkStation). I think there should be no problems with the installation.

Launch Whonix. The installation will go, we agree with everything, the windows will close themselves. Now we have such a picture:

This is the terminal, open it and enter the command sudo apt-get update && sudo apt-get dist-upgrade.

The update will last approximately 3-4 minutes. After that, enter whonixcheck. If all this appears, then everything is fine.

Go to the Windows configuration.

Go to the Network and set the following parameters.

Now we set the settings themselves in Windows.

That's all. To check Tor's IP address, go to the sites 2ip.ru and whoer.net

Cleaning your crypt

The method is quite simple.

Buy XMR->transfer it to another XMR address->output it where you need it. We change addresses every time.

It is worth doing this in the very near future. Since the crypt that you have withdrawn from the balance can get into the "black list" and you will immediately block it when you try to make a deposit to the exchange/exchanger.

Well, this is the end of our training! From myself I can say what it is and even for 10k)))) The price of this training is too high, I think the price tag is 3-4k rubles and then such a thing for myself. It would be fine to attach at least one landing page of your own, it would be another matter.

With regards to stealers, from myself I will say: why buy a pissing redline on the old dotnet code? And the loader that he advertises with a bunch of detectors written in the same language? For this price, you can buy a good js-loader with food detection. Yell redline, redline cool... - The dick is clear! Find a crack and give it to the coders - they will tell you everything and explain it to you! Another rare piece of shit! It's easier for a hundred, well, let's add another $50-60 to buy a stealer eternal forever with all the updates constantly.
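
Defender's view of the cookie-import step described in the post, as an added example that is not part of the original post: because the stolen session is replayed through a VPN exit in the victim's own country, a country-only check sees nothing, so this sketch compares every request on a session with that session's first request by network (ASN) and browser family. The event tuples, ASN values, session names and verdict names are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

CHROME = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
          "(KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36")
FIREFOX = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) "
           "Gecko/20100101 Firefox/125.0")

# Constructed sample events: (timestamp, session id, GeoIP country, ASN, User-Agent).
EVENTS = [
    # s-alice: owner keeps browsing while the same cookie shows up from another
    # network and another browser, in the same country.
    ("2024-05-01T09:00:00", "s-alice", "DE", 3320, CHROME),
    ("2024-05-01T09:20:00", "s-alice", "DE", 3320, CHROME),
    ("2024-05-01T09:25:00", "s-alice", "DE", 9009, FIREFOX),
    ("2024-05-01T09:27:00", "s-alice", "DE", 3320, CHROME),
    # s-bob: same browser, moves from one access network to another hours later.
    ("2024-05-01T10:00:00", "s-bob", "FR", 3215, CHROME),
    ("2024-05-01T18:00:00", "s-bob", "FR", 15557, CHROME),
    # s-carol: nothing changes.
    ("2024-05-01T11:00:00", "s-carol", "US", 7018, FIREFOX),
    ("2024-05-01T11:05:00", "s-carol", "US", 7018, FIREFOX),
]

# Signals that justify killing the session outright rather than re-prompting.
STRONG = {"country_changed", "browser_changed", "interleaved_networks"}


def browser_family(ua):
    """Very coarse User-Agent classifier (simplified for the example)."""
    for token, name in (("Firefox/", "firefox"), ("Edg/", "edge"),
                        ("Chrome/", "chrome"), ("Safari/", "safari")):
        if token in ua:
            return name
    return "other"


def analyse(events, window=timedelta(minutes=30)):
    """Return {session: (verdict, reasons)} for sessions that drift from baseline."""
    by_session = defaultdict(list)
    for ts, sid, country, asn, ua in events:
        by_session[sid].append(
            (datetime.fromisoformat(ts), country, asn, browser_family(ua)))

    findings = {}
    for sid, rows in by_session.items():
        rows.sort()
        _, base_country, base_asn, base_browser = rows[0]  # state at login
        reasons = set()
        for i, (ts, country, asn, browser) in enumerate(rows[1:], start=1):
            if country != base_country:
                reasons.add("country_changed")
            if asn != base_asn:
                reasons.add("asn_changed")
            if browser != base_browser:
                reasons.add("browser_changed")
            # Network A -> B -> A inside the window: two clients hold one token.
            if i >= 2:
                t0, _, asn0, _ = rows[i - 2]
                asn1 = rows[i - 1][2]
                if asn == asn0 != asn1 and ts - t0 <= window:
                    reasons.add("interleaved_networks")
        if reasons:
            verdict = "revoke" if reasons & STRONG else "step_up"
            findings[sid] = (verdict, sorted(reasons))
    return findings


if __name__ == "__main__":
    for sid, (verdict, reasons) in analyse(EVENTS).items():
        print(sid, verdict, ", ".join(reasons))
```

A changed ASN on its own is common for mobile users, which is why it only triggers step-up authentication here while a browser change or interleaved networks revokes the session.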