Invicta Stealer a powerful, free native stealer
This is a C++ stealer which is being actively improved upon, with the help we receive from our active community.
BROWSERS
Information is obtained from all the profiles from all chromium-based (the most used) browsers, and firefox. We collect: credit card data, autofill, history, all extensions which include 80+ crypto wallets, various authenticators and password managers, local storage, downloads, and much more. Essentially, all the information is collected.
DISCORD
All of the discord tokens are extracted from: the regular client, discord canary, ptb discord and browser local storage
CRYPTO
Wallet information is collected from 25 wallets, with new ones being actively added.
SENSITIVE DIRECTORIES AND FILES
We have studied real world scenarios, and came up with advanced filters that will fetch you sensitive information related to cryptocurrency wallets, bank accounts, passwords, private keys, etc. The stealer gets recently opened .txt files, recursively iterates through the computer to find sensitive information, steals github and visual studio code repositories (with bloat removed), gets .txt files from desktop, documents, etc
FTP CLIENTS
WinSCP and FileZilla
GAMING CLIENTS
Steam sessions, usernames and a list of games
PASSWORD MANAGERS
Keepass
SYSTEM INFORMATION
We collect system information, which includes the HWID, IP, timezone, computer language, RAM, CPU information, Windows & build version, path of the stealer, list of installed apps, etc
ANTI-DEBUGGING, EVASION TECHNIQUES
We use anti-debug/anti-virustotal/anti-vm techniques which complicate analysis of the malware. Your link will be encrypted in the stealer file. Sensitive operations are performed through syscalls, which make them harder to detect by AVs and analysts, and all strings are encrypted.
TUTORIAL
Download the Builder ZIP file
Run Builder.exe
Input discord webhook, or an URL to your HTTP server into the box
Click build
Patched stealer will be available in out/InvictaStealer.exe
This is a C++ stealer which is being actively improved upon, with the help we receive from our active community.
BROWSERS
Information is obtained from all the profiles from all chromium-based (the most used) browsers, and firefox. We collect: credit card data, autofill, history, all extensions which include 80+ crypto wallets, various authenticators and password managers, local storage, downloads, and much more. Essentially, all the information is collected.
DISCORD
All of the discord tokens are extracted from: the regular client, discord canary, ptb discord and browser local storage
CRYPTO
Wallet information is collected from 25 wallets, with new ones being actively added.
SENSITIVE DIRECTORIES AND FILES
We have studied real world scenarios, and came up with advanced filters that will fetch you sensitive information related to cryptocurrency wallets, bank accounts, passwords, private keys, etc. The stealer gets recently opened .txt files, recursively iterates through the computer to find sensitive information, steals github and visual studio code repositories (with bloat removed), gets .txt files from desktop, documents, etc
FTP CLIENTS
WinSCP and FileZilla
GAMING CLIENTS
Steam sessions, usernames and a list of games
PASSWORD MANAGERS
Keepass
SYSTEM INFORMATION
We collect system information, which includes the HWID, IP, timezone, computer language, RAM, CPU information, Windows & build version, path of the stealer, list of installed apps, etc
ANTI-DEBUGGING, EVASION TECHNIQUES
We use anti-debug/anti-virustotal/anti-vm techniques which complicate analysis of the malware. Your link will be encrypted in the stealer file. Sensitive operations are performed through syscalls, which make them harder to detect by AVs and analysts, and all strings are encrypted.
TUTORIAL
Download the Builder ZIP file
Run Builder.exe
Input discord webhook, or an URL to your HTTP server into the box
Click build
Patched stealer will be available in out/InvictaStealer.exe
