-
Notifications
You must be signed in to change notification settings - Fork 46
/
Copy path2019-06-18-kpot-signed-decoded_str.vk.txt
193 lines (191 loc) · 3.64 KB
/
2019-06-18-kpot-signed-decoded_str.vk.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
MD5: d3ceda62f6a494c99633aa4aff301068
Digital Cert -> [CONFIGRD LTD] Thawte
h/t @malwrhunterteam
2: http://activehostnet.com
3: /OSYovRu8topEL0As
4: yj9jnskbpKRJvO4D
5: SQLite format 3
6: 2|NordVPN||%s|%s
7: 2|EarthVPN||%s|%s
8: 3|Psi(+)|%s|%s|%s
9: 3|Pidgin|%s|%s|%s
10: 4|Remote Desktop|%s|%s|%s
11: 1|TotalCommander|%s|%s|%s
12: 1|WinSCP|%s|%s|%s
13: 1|WS_FTP|%s|%s|%S
14: 1|FileZilla|%s:%s|%s|%S
15: full address:s:
16: username:s:
17: password 51:b:
18: Path
19: config
20: name
21: .bit
22: %08lX%04lX%lu
23: screenshot.png
24: Hostname
25: Username
26: Password
27: TRUE
28: FALSE
29: quit
30: EarthVPN
31: NordVPN
32: setting[@name='%s']
33: user.config
34: Valve\Steam
35: Telegram
36: Battle.net
37: Skype
38: main.db
39: loginusers
40: discord\Local Storage\https_discordapp.com_0.localstorage
41: .config
42: \tdata\
43: psi
44: profiles
45: %s\.purple\%s
46: accounts.xml
47: Software
48: Microsoft
49: Cryptography
50: InstallPath
51: ProductName
52: DisplayIcon
53: DisplayName
54: DisplayVersion
55: {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1
56: MachineGuid
57: Martin Prikryl\WinSCP 2\Sessions
58: Internet Explorer\IntelliForms\Storage2
59: Internet Explorer\TypedURLs
60: Windows\CurrentVersion\Uninstall
61: Windows NT\CurrentVersion
62: Windows\CurrentVersion\Uninstall
63: Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook
64: Software\Microsoft\Office\%d.0\Outlook\Profiles\Outlook
65: pstorec.dll
66: vaultcli.dll
67: Microsoft_WinInet_*
68: abe2869f-9b47-4cd9-a358-c22904dba7f7
69: BÄôKŠ› A³€ÝJpMÛ(
70: ™TÍ<¨‡K¢`ˆˆÝ;U
71: recentservers
72: sitemanager
73: FileZilla
74: Host
75: User
76: Pass
77: Ipswitch\WS_FTP\Sites\ws_ftp.ini
78: áðÃÒ¥´‡–ixKZ-<
4xV«ïÍ
79: GHISLER\wcx_ftp.ini
80: 0123456789ABCDEF
81: HostName
82: UserName
83: UID
84: PWD
85: Port
86: connections
87: encoding
88: Internet Explorer
89: Cookies
90: wininet.txt
91: %s TRUE %s %s %d %s %s
92: Login Data
93: %s\%S.json
94: webappsstore.sqlite
95: formhistory.sqlite
96: signons.sqlite
97: cookies.sqlite
98: logins
99: encryptedUsername
100: encryptedPassword
101: key3.db
102: key4.db
103: %s\key%d.db
104: Web Data
105: 176.126.70.119
106: 46.101.70.183
107: 188.165.200.156
108: 103.25.202.192
109: 178.32.31.41
110: 82.196.9.45
111: 87.98.175.85
112: 185.121.177.53
113: 92.222.80.28
114: 185.121.177.177
115: 169.239.202.202
116: 80.233.248.109
117: 78.138.97.93
118: 91.217.137.44
119: 5.135.183.146
120: 51.15.98.97
121: dotbit.me
122: GET
123: POST
124: %S %s HTTP/1.1
%SContent-Length: %d
125: %S/gate.php
126: Content-Type: application/x-www-form-urlencoded
Host: %S
127: Content-Type: application/octet-stream
Content-Encoding: binary
Host: %S
128: Host: %S
129: monero-project
130: wallet_path
131: wallet.dat
132: Crypto
133: keystore
134: .wallet
135: Ethereum
136: Electrum
137: Namecoin
138: strDataDir
139: com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\000003.log
140: Exodus
141: Grabber
142: %FULLDISK%
143: %NETWORK%
144: /c ping 127.0.0.1 && del "%s"
145: %02d-%02d-%02d %d:%02d:%02d
146: MachineGuid: %S
147: IP: %s
148: CPU: %s (%d cores)
149: RAM: %s MB
150: Screen: %dx%d
151: PC: %s
User: %s
152: LT: %s (UTC+%d:%d)
153: GPU:
154: Layouts:
155: Software:
156: PWD
157: CRED_DATA
158: CREDIT_CARD
159: AUTOFILL_DATA
160: IMPAUTOFILL_DATA
161: SYSINFORMATION
162: FFFILEE
163: __DELIMM__
164: __GRABBER__
165: runas
166: open
167: %ComSpec%
168: wininet.dll
169: winhttp.dll
170: ws2_32.dll
171: user32.dll
172: shell32.dll
173: advapi32.dll
174: dnsapi.dll
175: netapi32.dll
176: gdi32.dll
177: gdiplus.dll
178: oleaut32.dll
179: ole32.dll
180: shlwapi.dll
181: userenv.dll
182: urlmon.dll
183: crypt32.dll
184: mpr.dll