- Цена
- $150 or $350
- Контакты
- telegram @WERFAULT
Note that even though the inside of protected zip files is being scanned by mail security, Phantom js dropper is guaranteed to bypass majority of mail scanners (excluding honeypot email servers, i.e email servers hosted by Google, Microsoft, and other popular email spamtraps
Features:
FUD LPE (UAC Admin privilege escalation) tested successfully on 32bit & 64bit PC
fileless execution for all encrypted powershell commands
(Optional) Decoy pdf file (or any file u want) will be first executed to deceive the target, then your payload will be executed in the background
Bypass Windows Defender
Long-lasting FUD. When you spread correctly, file can remain FUD after continuously spreading to business emails for more than a week
Bypass WD machine learning Behavior detection
Each js file is completely unique
Runtime FUD
Bypass AMSI
Scantime FUD
target is WD however most AV are bypassed
(Optional) feature to disable windows defender notification (only in the UAC version)
double layer obfuscation for phantom js build which helps it last longer and more difficult to reverse by threat researchers.
Stubborn WD detection bypassed:
Wacatac detection (All variants)
Bearfoos detection (All variants)
Behavior detection (All variants)
Sabisk detection (All variants)
JS dropper Price:
6 unique builds - Only encrypted Javascript no UAC - $150
6 unique builds - encrypted Javascript + UAC (32bit & 64bit) - $350
Preview
https://ibb.co/9Z8pSY6
======================
Both js variants are not the same they have different functions & behavior
Phantom Js + UAC variant does not drop any malware directly on disk which makes it more powerful. All it does is create defender exclusion & create persistence for your file using the url u send me. So once exclusion & persistence is enabled your file must execute with admin rights no matter what
But the variant without UAC does a download & execute operation without UAC exclusion & persistence
======================
reFUD (of same file): $40
reFUD available on request
Send me dm telegram @WERFAULT
TOS:
We are not responsible for how you use this product. This product is available for educational purposes only
It is forbidden to send Phantom js dropper to email servers known to be spam traps. Only business emails recommended to spread
Phantom js dropper must be spread to only business email with business domains & free from spam traps (if you want your file to stay FUD for long)
Phantom js dropper must NEVER be downloaded directly through browser (it must be password protected in zip file). Because it is heavily obfuscated js file, browser may flag the file even when it's FUD
It is recommended to use a spam trap remover tool to remove bad (spam trap) emails & NEVER spread Phantom js dropper to those bad emails
It is forbidden to upload phantom js file to (free & public) file hosting services
Highly recommended to host phantom js file only on Apache self hosting with your own vps
Paid customers will provide their decoy file & a direct link to their payload, then get their unique js file build
Highly recommend to spread phantom js inside a protected zip file for high click rate
As a bonus to customers, if you have purchased phantom js dropper twice, on your third & subsequent purchase you will get 10 unique builds instead of 6.
Features:
FUD LPE (UAC Admin privilege escalation) tested successfully on 32bit & 64bit PC fileless execution for all encrypted powershell commands (Optional) Decoy pdf file (or any file u want) will be first executed to deceive the target, then your payload will be executed in the background Bypass Windows Defender Long-lasting FUD. When you spread correctly, file can remain FUD after continuously spreading to business emails for more than a week Bypass WD machine learning Behavior detection Each js file is completely unique Runtime FUD Bypass AMSI Scantime FUD target is WD however most AV are bypassed (Optional) feature to disable windows defender notification (only in the UAC version) double layer obfuscation for phantom js build which helps it last longer and more difficult to reverse by threat researchers.Stubborn WD detection bypassed:
Wacatac detection (All variants) Bearfoos detection (All variants) Behavior detection (All variants) Sabisk detection (All variants)JS dropper Price:
6 unique builds - Only encrypted Javascript no UAC - $150
6 unique builds - encrypted Javascript + UAC (32bit & 64bit) - $350
Preview
https://ibb.co/9Z8pSY6
======================
Both js variants are not the same they have different functions & behavior
Phantom Js + UAC variant does not drop any malware directly on disk which makes it more powerful. All it does is create defender exclusion & create persistence for your file using the url u send me. So once exclusion & persistence is enabled your file must execute with admin rights no matter what
But the variant without UAC does a download & execute operation without UAC exclusion & persistence
======================
reFUD (of same file): $40
reFUD available on request
Send me dm telegram @WERFAULT
TOS:
We are not responsible for how you use this product. This product is available for educational purposes only It is forbidden to send Phantom js dropper to email servers known to be spam traps. Only business emails recommended to spread Phantom js dropper must be spread to only business email with business domains & free from spam traps (if you want your file to stay FUD for long) Phantom js dropper must NEVER be downloaded directly through browser (it must be password protected in zip file). Because it is heavily obfuscated js file, browser may flag the file even when it's FUD It is recommended to use a spam trap remover tool to remove bad (spam trap) emails & NEVER spread Phantom js dropper to those bad emails It is forbidden to upload phantom js file to (free & public) file hosting services Highly recommended to host phantom js file only on Apache self hosting with your own vps Paid customers will provide their decoy file & a direct link to their payload, then get their unique js file build Highly recommend to spread phantom js inside a protected zip file for high click rateAs a bonus to customers, if you have purchased phantom js dropper twice, on your third & subsequent purchase you will get 10 unique builds instead of 6.
All features working perfectly 
UAC (32bit & 64bit) - $130