A magical keylogger from a land far away... Currently pretty advanced at over 2k lines of code.
- As of 18/07/2022 we are FUD on antiscan and have 2% detection rate on HA. 😎
- Retrieves logs to any email address. Even if an internet connection is absent at the time of logging.
- Even after it is deleted the logs will still persist and will be sent back anyways.
- Crypts all logs, only decryptable with the decrypter.
- Auto-updates using GitHub Raw or any other cloud service.
- Detects and logs context switches.(changes in the name of the focused window)
- Detects Ctrl+C and automatically retrieves the clipboard's contents.
- Offers an unencrypted and VM-friendly mode for debugging purposes.
- Files are Winzip compressed, with lz4 W.I.P.
- ScreenGrabbing is working, with ScreenShot-On-Click and Timer modes.
- Grabs lots of info(E.G. Hardware specs, System locale, Windows version, etc.) with more being added with each release.
- Pretty persistent: creates multiple copies of itself, so if one is deleted the other ones take its place.
- Has a system-wide evaluation and trust system that includes various kinds of VM/debugging/anti-malware checks(some are pretty unusual).
- Offers lots of easy customization with #defines at the start of the Common header.
Antiscan.me:
HybridAnalysis:
Step 1:
Download the source code from this Git repository.
Step 2:
Setup 2FA and App Passwords on your "email sender" google account.
Step 3:
Create your HardEncode and HardDecode functions to crypt the authentication strings. (you will have to also re-encrypt several pre-encrypted strings)
OR reverse the one i already wrote.
Another possibility is to ditch Auth string encryption, be aware that this exposes strings to reverse engineering.
Step 4:
Edit the "common.h" header, customizing the behaviour of the keylogger and adding the encrypted authentication strings.
Step 5:
Add "masm" to the project build dependencies.
Make sure that "random.asm" is not excluded from the build, also set its item type as Microsoft Macro Assembler.
Set Project->Linker->System->Subsystem to "WINDOWS".
Set Project->C/C++->Optimization->Whole Program Optimization to "No", Optimization to /Ox and Favor Size Or Speed to "Neither".
Set Project->C/C++->Code Generation->Runtime Library to "/MT Multi-Threaded".
Add the /Zc:trigraphs compiler flag.
Ensure that the project is set to Release x64.
Step 6:
Ctrl+shift+b to compile.
Step 7(OPTIONAL):
Set up a Github repo with your compiled binary to auto-update.
Unfortunately a single log now takes up more than 4-5 screenshots, so i'll replace them with a link to two demo logs: a crypted and an unencrypted one.
https://github.com/brat-volk/MagikIndex/raw/development/DemoLogs.zip
Don't use my code for some shitty HackForums/RaidForums malware pasta, or at least credit me ;P
Be aware that i don't take any responsibility for the potential harm caused by this program.