Smoke Loader botnet with plugins 2024
1) Menu – contains the navigation menu to control bots and the tasks for them
- MY BOTNET – general statistics for bots, the overall total amount today, online, number of tasks, successful launches and downloads, bots to update the statistics on versions of Windows and statistics on countries, doubles counter, bots count for any seller id, privileges
- BOT LIST – detailed statistics for bots: ID, IP, last access time, version of Windows and country, seller id, command for a personal task or deletion. Search by some parameters also works.
- TASK LIST – work with the tasks for bots: the ability to upload a file in the admin panel or use remote downloading (the bot itself will download a file from a remote server and execute it), statistics for each task (loading and running, local or remote download), delete, edit or “pause” each job. You can also set a limit of downloads for each job. You can load DLLs and run them via LoadLibrary (in the address space of the loader process) or regsvr32; all variants run the OEP code of the DLL.
- OPTIONS – clear/delete all tasks (including files) or only personal tasks (w/o files), cleaning all the statistics, settings for bot updating (2)
- STEALER – work with logs from stealer (download, delete) *only if you have a module
- FORM GRAB – form-grabber for IE, FF, Chrome, Opera (search for pattern of URL), also deletes cookies and flash cookies (option on module page)
- PASS SNIF – password sniffer for all processes, works in real time, supports ftp, pop3, imap, smtp (AUTH LOGIN) accounts
- FAKE DNS – spoofing DNS-requests for all processes (7)
- FILE SEARCH – search & collect files from bots; files are stored in the “/files/ID” folder as ZIP archives with the password “smoke_fs”. Please use FTP for browsing these files
- PROCMON – process monitoring with options (terminate process, reboot OS, download and execute file)
- DDOS – DDoS module
- KEYLOGGER – captures keystrokes and clipboard for processes; reports are saved in the “/keylogger/ID” folder. Please use FTP for browsing these files
- HIDDEN TV – Hidden TeamViewer (Get HTV – command to download and run TV, HTV IDLE – means that the bot is at work with TV)
- MINER – at the moment only XMR on CPU is supported
- EMAIL GRAB – email grabber from email clients