XFiles - Stealer / Native, Written Using C / Crypt Build / Traffic Manuals.

XFiles is a stealer capable of surprising with its simplicity and ease of use, designed for both one and a large team.

♕ Everything is already configured for you and ready to use!

♕ The stub is native, written in the C programming language. The builds created are 70% unique thanks to our self-written protector.

System calls are used wherever possible, in other cases WinAPI is used, no third-party libraries are used or required, decryption of the collected log occurs entirely on the server.

♕ For each build, a unique obfuscated data exchange protocol is generated for interaction with the gate (tapping), delivery of logs to the gate occurs in parts. Thanks to this, we increase the life of builds many times over.

♕ Works on machines from Windows 7 to Windows 11 inclusive. Please note that our stealer does not knock on the CIS!

♕ Data collection works in memory, nothing is dropped to disk.

♕ Dynamic collection of browser data, collects Cookies, Passwords, Autofills, Credit Cards. Supports more than 50+ browsers (Google Chrome, Chromium, Opera, Opera GX, Edge, Firefox and so on)

♕ A collection of more than 80 popular browser crypto wallets (extensions), including Brave and Opera integrated into the browser, as well as installable wallets such as Atomic, Armory, and so on.

♕ Collection of messengers

✦ Discord, Telegram

♕ Collection of FTP clients

✦ FileZilla, WinSCP

♕ Collection of VPN clients

✦ OpenVPN, ProtonVPN

♕ Collection of game clients

✦ Steam

♕ Collection of VNC clients - Coming soon

♕ Collect OneNote, Sticky Notes - Coming Soon

♕ A customizable, flexible file grabber, written with an emphasis on optimization and the use of system calls, resulting in fewer AV detections.

♕ Crypt build. Unlimited recrypt of your file.

- We only encrypt EXEs of our clients.

- The most modern anti-emulsion.

- Clear- 0/26 (avcheck.net)

- Latest developments against Avira, BitDefender, NOD32 and Windows Defender.

- Gluing with EXE file is provided.

♕ Exclusive training manuals from the XFiles team, we’ll guide you by the hand to profit, and if it doesn’t work out, we’ll return your $.

By subscribing for $200/month, you gain access to the following functionality

✦ Beautiful, modern, convenient control panel on Windows, with a choice of Light or Dark theme. The panel allows

✦ Manage a team or work alone

→ Ability to invite and kick out team members and create your own users with login and password

→ As a team owner, you are able to change access rights to any functionality for your members.

Don't want to give any rights other than the right to view logs? ✔ no problem

Do you want him to not be able to delete logs, create builds, or even completely restrict his rights? ✔ your participant is left without rights

Changing the password for the user you created

Kick a user from a team

‎✦ Join other teams

→ You don’t have to be a member of only one team; at the invitation of the owner of another team, you can become a member of it!

 → Your rights as a participant are determined by the team owner.

✦ Create and edit Builds using the Build Configurator, which supports flexible configuration

✔ Anti-Virtulka - increases the life of the build

✔ Fake dialog box with text

✔ Configure the loader - download and launch your file via the link when you launch the stiller

✔ Blocking knockouts from certain countries

✔ Grabber extensions from Browsers

  ✔ Obfuscation - you can configure obfuscation of the generated executable file. Each build has basic obfuscation/encryption.

 ✔ You can upload your own icon, and also change information about the created executable file.

✔ Convenient multi-level rule-based File Grabber that supports searching for files in specified folders, rules can contain sub-rules, you can select the operating mode for each rule, currently Two modes

 → By folder - search for a specific folder, when it is found, files will be collected in it according to the filters you have specified. This type can include other rules, for example, you can easily create a rule for collecting OpenVPN configs yourself, although we already have such functionality configured for you :)

→ By nesting level - it will search for all files in a given depth, but only those that match your file filters will be selected.

 → File filter capabilities

 → Check for file size size

 → Check for file name (by mask), for example *.txt, *.doc, pass.txt, *passwords*

✦ Setting up log recording, checking logs for uniqueness via IP and (or) HWID.

✦ Setting up notifications in Telegram, with the ability to choose which logs you and/or your participants want to receive notifications on, the ability to make your own log format in Telegram, you can add variables to your text.

✦ Search, download and delete your logs

→ With a flexible search system, you will find the log you need in a matter of seconds

 → Ability to bulk delete or download logs from both the server and disk

 → The panel shows which logs have already been downloaded, there is no need to download them

 → If you don’t need any logs on disk, you can delete them from your disk with 1 click, while they will remain on the server

 → Ability to see which of the participants downloaded the log

 → Ability to find out whose build the log came from (if, for example, you did not create the build)

 → Each log displays the following information

 🏳️ Country - where the log came from

 🗒️ Tags - added by you when creating the build

 💵 Wallets - names or icons of wallets

 🌎 Services - a kind of domain detection, pre-loaded domains and icons

 🗒️ Autofills - number of autofills (from browsers)

 💳 CC - number of credit cards (from browsers)

 🍪 Cookies - number of cookies (from browsers)

 🔑 Discord tokens - number of tokens (from browsers)

 🗃️ Archive size

 📅 Date the log was received

 🔗 IP address - the address of the victim.

→ The log format is specially made similar to other formats for ease of processing.

✦ View team statistics

 → Top 10 team members

 → Top 10 countries by logs

 → Top 10 wallets

 → Visualization of received logs by time using charts

‎ ✦ Automatic Panel Update

→ The software will automatically know when a new update has been released and download it on its own the next time you start it

‎ ✦ Follow the news on the main page

✦ Website where you can

‎ → Download software (panel)

→ Watch news related to the project

→ Get information about your account and its activity

✦ Customer support is available 24/7

Admin panel photo

Log structure

Log output in telegram

Build's uniqueness

The uniqueness of the build is up to 70%.

For each build, its own logic for communicating with the server is generated (polymorphic), so that the researcher will have to tinker with each build manually.

Developer's comment

Even good software is worth little without constant support and maintenance by its author. New versions of software are released, updates analyze malware, one way or another, something needs to be constantly changed, updated, completed. Programs are updated, databases of claims are updated, and software without support within a month becomes no better than public. For example, let's take Azorult, which was the most popular stealer at the time, but very quickly disappeared after the disappearance of the author. At first due to the large number of detections, but it was finally finished off by a Chrome update (version 80), in which the encryption algorithms were changed. Therefore, purchasing a subscription is a guarantee that we will support our project. About crypt. Some people think that crypto is a panacea, it doesn’t matter that malware is burning even Windows Def, you can encrypt it and go on working. This is wrong. Remember once and for all - the crypt only saves you from static detections, that is, when the file is on the disk, or sent by mail, or downloaded from somewhere. In the dynamics, it is the creator of the software who must remove detections and nothing else. There are legends on the forums about miracle crypters who supposedly remove runtime detections, but this is just another urban legend, crypt complicates the analysis of malware (depending on the crypter’s tricks) this is the best he can do.

Contacts for purchase

Support

TOX - C96EA8DFB780D9053728816F20901315F6284CB73B735559100696FB30B31364CE0AD357E634

Jabber - luciferxfiles@exploit.im

Telegram - https://t.me/xfiles_support_official

Update channel and chat - https://t.me/XFILESDevBlog

Public chat - https://t.me/+T_sWYu1PB-EwYTAy

International public chat - https://t.me/+eQ4inIKJ-QdkNjlk

Prices for our product

♕ $50 - 3 Day.

Test subscription

✔ Support 24/7

❌ Premium Chat in Telegram for clients

✔ Maximum 20 users per team

✔ Windows C++ Native Stub

❌ Access to the manual

✔ Crypt (Unique Stub)

❌ MacOS Stub

♕ $200 - 1 Month.

Premium subscription, everything you need for work.

✔ Support 24/7

✔ Premium Chat in Telegram for clients

✔ Maximum 20 users per team

✔ Windows C++ Native Stub

✔ Access to the manual

❌ Crypt (Unique Stub)

❌ MacOS Stub (in development)

♕  $1890 - 6 months. 

Thief subscription, for people who want a quick start $$ and exclusive training manuals.

✔ Support 24/7

✔ Premium Chat in Telegram for clients

✔ Maximum 50 users per team

✔ Windows C++ Native Stub

✔ Access to the manual (exclusive articles $$ of this subscription)

✔ Crypt (Unique Stub) and gluing

❌ MacOS Stub (in development)

♕  $3570 - 12 months.

Professional subscription, Exclusive training manuals from the XFiles team, we will lead you by the hand to profit, and if it doesn’t work out, we will return your $.

✔ Support 24/7

✔ Telegram chat with the project developer

✔ Maximum 100 users per team

✔ Windows C++ Native Stub

✔ Access to the manual (Let's lead you by the hand to profit $$)

✔ Crypt (Unique Stub) and gluing

❌ MacOS Stub

Crypt build

♕ $150 - 1 Month.

Advantages

✔ Unlimited rewrite of your file.

✔ The most modern anti-emulsion.

✔ Latest developments against Avira, BitDefender, NOD32 and Windows Defender

✔ Palevo - 0/26 (avcheck.net)

https://i.ibb.co/8sCxM8G/XFiles-EN.gif