A repository of credential stealer formats for system information (e.g. information.txt, system_info.txt, etc.)
Your contributions are always welcome!
IP: [redacted]
Country: [redacted]
Hostname: [redacted]
PC Type: Microsoft Windows [redacted]
Architecture: amd64
File Path: C:\Users\[redacted]\AppData\Local\Temp
Main Path: C:\Users\[redacted]\AppData\Local\Ailurophile
Allowed Extensions: [rdp txt doc docx pdf csv xls xlsx keys ldb log]
Folders to Search: [Documents Desktop Downloads]
Files: [bank info casino prv privé prive telegram personnel trading bitcoin sauvegarde funds recup note]
MAC Address: [redacted]
Screen Resolution: [redacted]
Browsers:
Chrome Default - version: [version string]
Edge Default - version: [version string]
IP: 127.0.0.1
FileLocation: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
UserName: John
Country: GE
HWID: 12F6A3D3C12FE832CE805EB15C38A31A
Current Language: Russian (Russia)
ScreenSize: {Width = 1536,Height = 864}TimeZone: (UTC+04:00) Тбилиси
Operation System: Windows 10 Enterprise x64
Process Elevation: True
Available KeyboardLayouts:
Russian (Russia)
English (United States)
Hardwares:
Name: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz, 4 Cores
Name: Intel(R) HD Graphics 530, 1073741824 bytes
Name: NVIDIA GeForce GTX 960M, 4293918720 bytes
Name: Total of RAM, 16211.79 MB or 16999297024 bytes
Anti-Viruses:
Windows Defender
[General]
Build: recaptcha-verify (1.0.0)
HWID: 0A256AD07967582CD5A08537A6C57941
Date: 10/18/2024 1:51:06 PM
[Machine]
Computer Name: DESKTOP-ET51AJO
User Name: Bruno
System: Windows 10 Pro [x64]
Resolution: 1400x1050
Antiviruses: Windows Defender
Product Key: W269N-WFGWX-YVC9B-4J6C9-T83GX
[Geolocation]
Country: United States (US)
Location: Council Bluffs, Iowa
Zip Code:
[Network]
Public IP Address: 34.46.22.199
Private IP Address: 172.16.1.3
Internet Provider: Google LLC
[Miscellaneous]
Timezone: (UTC-08:00) Pacific Time (US & Canada)
Display Language: en-US
Ran as Admin: True
Keyboard Layouts:
- English (United States)
- Korean (Korea)
- Russian (Russia)
- Persian (Iran)
- Chinese (Simplified, China)
[Hardware]
CPU: Intel(R) Xeon(R) CPU @ 2.80GHz
GPU: Microsoft Basic Display Adapter
RAM: 4.1 GB
[Software]
Python 3.10.11 Core Interpreter (32-bit) [3.10.11150.0]
Python 3.10.11 Tcl/Tk Support (32-bit) [3.10.11150.0]
Python 3.10.11 Standard Library (32-bit) [3.10.11150.0]
Microsoft DCF MUI (English) 2016 [16.0.4266.1001]
[Processes]
msiexec
svchost
updater
conhost
svchost
MetaMask Info:
Seeds:
Private Keys:
Debanks:
Userinfo:
Country: US
IP: 47.160.126.208/284629518
City: Irving
ProductName: macOS
ProductVersion: 14.6
BuildVersion: 23G5075b
Hardware:
Hardware Overview:
Model Name: MacBook Pro
Model Identifier: Mac15,6
Model Number: MRX33LL/A
Chip: Apple M3 Pro
Total Number of Cores: 11 (5 performance and 6 efficiency)
Memory: 18 GB
System Firmware Version: 10151.140.19
OS Loader Version: 10151.140.19
Serial Number (system): F5X2YRHCVQ
Hardware UUID: 10F94688-D5E6-54BC-9437-BE147FF22A0E
Provisioning UDID: 00006030-000819003628001C
Activation Lock Status: Enabled
Graphics/Displays:
Apple M3 Pro:
Chipset Model: Apple M3 Pro
Type: GPU
Bus: Built-In
Total Number of Cores: 14
Vendor: Apple (0x106b)
Metal Support: Metal 3
Displays:
Color LCD:
Display Type: Built-in Liquid Retina XDR Display
Resolution: 3024 x 1964 Retina
Main Display: Yes
Mirror: Off
Online: Yes
Automatically Adjust Brightness: Yes
Connection Type: Internal
HWID: C9D18A2E-EDA4-5A7A-AB7E-XDNCCLAU35VS
Log Date: 03 September 2024 00:17:30
Build Name: bzPg7NGR1bFjBDl3Sjz9c1C03C2I89
Country Code: US
User Name: John Smith (johnsmith)
Computer Name: John’s MacBook Air (2)
Operation System: macOS 12.6.6 (21G646)
Time Zone: UTC-07:00 America/Adak
CPU: Dual-Core Intel Core i5, 1.8 GHz
RAM: 8 GB
IP: 127.0.0.1
Host Name: DESKTOP-1PQPCEA
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19045 N/A Build 19045
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: admin
Registered Organization:
Product ID: 00330-80000-00000-AA016
Original Install Date: 5/19/2024, 6:34:35 AM
System Boot Time: 5/19/2024, 8:19:06 AM
System Manufacturer: VMware, Inc.
System Model: VMware20,1
System Type: x64-based PC
Processor(s): 2 Processor(s) Installed.
[01]: AMD64 Family 23 Model 113 Stepping 0 AuthenticAMD ~3500 Mhz
[02]: AMD64 Family 23 Model 113 Stepping 0 AuthenticAMD ~3500 Mhz
BIOS Version: VMware, Inc. VMW201.00V.21805430.B64.2305221830, 5/22/2023
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 8,191 MB
Available Physical Memory: 5,096 MB
Virtual Memory: Max Size: 10,111 MB
Virtual Memory: Available: 7,138 MB
Virtual Memory: In Use: 2,973 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\DESKTOP-1PQPCEA
Hotfix(s): 5 Hotfix(s) Installed.
[01]: KB5031988
[02]: KB5015684
[03]: KB5033372
[04]: KB5014032
[05]: KB5032907
Network Card(s): 3 NIC(s) Installed.
[01]: Intel(R) 82574L Gigabit Network Connection
Connection Name: Ethernet0
DHCP Enabled: Yes
DHCP Server: 192.168.229.254
IP address(es)
[01]: 192.168.229.128
[02]: fe80::8da6:ef32:1a8e:643d
[02]: Bluetooth Device (Personal Area Network)
Connection Name: Bluetooth Network Connection
Status: Media disconnected
[03]: Wintun Userspace Tunnel
Connection Name: Mullvad
DHCP Enabled: No
IP address(es)
[01]: 10.5.0.18
[02]: fe80::4dc0:5438:c35d:200e
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
OS: Windows 10 Pro [ 64-bit ]
Local Date and Time: 2024-12-29 05:37:17 [ UTC: (UTC-08:00) Pacific Time (US & Canada) ]
UserName (ComputerName): Bruno (DESKTOP-ET51AJO)
CPU: Intel(R) Core(TM)CPU @ 2.80GHz [ Сores: 4 ]
RAM: 16 Gb
GPU: Microsoft Basic Display Adapter
Display Resolution: 1400 x 1050
Software:
Microsoft OneDrive [ 19.043.0304.0013 ]
Python 3.10.11 (32-bit) [ 3.10.11150.0 ]
7-Zip 23.01 (x64) [ 23.01 ]
Mozilla Firefox (x64 en-US) [ 123.0.1 ]
PC Name: DESKTOP-5ABF2TC
User Name: John
Windows: Windows Server 2022 Datacenter 64 Bit
CPU Name: Unknown (Unknown)
CPU Cores: Unknown (Unknown)
GPU Name: Unknown (Unknown)
GPU Mode: Unknown
Motherboard: Unknown Unknown (Unknown)
BIOS: Unknown (Unknown)
Antivirus: Unknown
Firewall: Unknown
RAM: Unknown
LANIP: Unknown
.NET Framework Version: 4.8+
Path: C:\Program Files\WinRAR\System.exe
IP: 127.0.0.1
City: South Carolina / North Charleston
Country: US / United States
Location: 32.8608 / -79.9746
Monitors:
Unknown
Save Time: 29.12.2024 23:51
- IP Info -
IP: 127.0.0.1
Country: Germany
City: Berlin
Postal: 10178
ISP: Cogent Communications - A174
Timezone: +01:00
- PC Info -
OS: Microsoft Windows 10 Pro
CPU: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
GPU:
- Microsoft Basic Display Adapter (1280, 720)
HWID: Unknown
Current Language: English (United States)
FileLocation: C:\Users\admin\Desktop\Cryptor.exe
Is Elevated: false
- Other Info -
Antivirus:
- Windows Defender
- Log Info -
Passwords: ✅ 1
Cookies: ✅ 50
Wallets: ❌
Files: ❌
Credit Cards: ❌
- LummaC2 Build: Oct 21 2024
- LID: 4SD0y4--MAGISTER
- Configuration:
- Path: C:\Users\pc\AppData\Local\Temp\1F58.exe
- OS Version: Windows 11 Pro (10.0.22631) x64
- Local Date: 26.10.2024 19:00:18
- Time Zone: UTC+4
- Install Date: 23.02.2024 11:01:58
- Elevated: false
- Computer:DESKTOP-5ABF2TC
- User: pc
- Domain:
- Hostname: DESKTOP-5ABF2TC
- NetBIOS: DESKTOP-5ABF2TC
- Language: ar-AE
- Anti Virus:
- Windows Defender
- HWID: 2FC5E1B5B129FD4CDB71E32F12995CB3
- RAM Size: 16384MB
- CPU Vendor: GenuineIntel
- CPU Name: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
- CPU Threads: 12
- CPU Cores: 6
- GPU: NVIDIA GeForce RTX 3050
- Display resolution: 1920x1080
- IP Address: 127.0.0.1
- Time: 26.10.2024 18:00:17 (sig:1729954817.083b646b6e3d8a67dcccac7f0073444c)
- Country: AE
HWID: BF72890FDDFA11EEB512345E6F6E6963E11C7EE3
Log Date: 03-12-2024, 23:45:57
Build Name: Oxoxox
Country Code: US
User Name: John
Computer Name: DESKTOP-5ABF2TC
Operation System: Windows 10 Home
Time Zone: [UTC-7:00] US Mountain Standard Time
Screen Resolution: 1920x1080
CPU: AMD Ryzen 5 3500 6-Core Processor , 6 cores
GPU: NVIDIA GeForce GTX 1650 SUPER
RAM: 7.91499 GB
IP: 127.0.0.1
Execute Path: C:\Users\acegr\AppData\Local\Temp\9cb5ce.exe
User: 123716
Operating System: Microsoft Windows 10 Pro 10.0.17134
Process Executable Path: C:\Users\george\AppData\Local\Temp\2qkzd95dyyUVXJUyxyDQepb1uAe\SecurityHealthService.exe
Uptime: 1 hours, 12 minutes, 35 seconds
CPU: Intel Celeron® G6900, Intel Celeron G6900 2.59 GHz
RAM: 8 GB
GPU: 2YYYT (1024 MB)
ScreenResolution: 1024x768
Serial Number: 00330-80000-00000-AA154
Disk Devices: C: 208.15 GB
IP: 34.17.55.59
Country: Italy
City: Turin
Region: Piedmont
ISP: GOOGLE-CLOUD-PLATFORM
Latitude: 45.0705
Longitude: 7.6868
Timezone: Europe/Rome
----- Geolocation Data -----
IP: 127.0.0.1
Country: Russia (RU)
City:
Postal: 56694
MAC: 52:54:00:E8:91:2E
----- Hardware Info -----
Username: Administrator\ZTLRFZYKCOID
Windows name: Windows Server 2016 Standard x64
Hardware ID: fce12345dbb464f8e31fb2bb1234f2c8
Screen Resolution: 1920x1080
GPU: Microsoft Basic Display Adapter
CPU: QEMU Virtual CPU version 2.5+
RAM: 4 GB
----- Report Contents -----
Passwords: 0
Cookies: 57
Credit Cards: 0
AutoFills: 0
Extensions: 0
Wallets: 0
Files: 0
----- Miscellaneous -----
Antivirus products:
File Location: C:\Users\Administrator\Desktop\Ruvyjam.exe
Clipboard text:
Build compile date: Sat Feb 27 21:25:06 2021
Launched at: 2021.03.03 - 09:59:08 GMT
Bot_ID: 2B535503-847D-4780-BFA1-18DFAF0D764D_Mario
Running on a laptop
-------------
- Cookies: 1292
- Passwords: 104
- Files: 0
System Information:
- System Language: Polish
- System TimeZone: +1 hrs
- IP: 80.238.108.168
- Location: 52.273998, 21.083700 | Warsaw, Mazovia, Poland (03-890)
- ComputerName: MARIO-KOMPUTER
- Username: Mario
- Windows version: NT 6.1
- Product name: Windows 7 Home Premium
- System arch: x32
- CPU: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz (4 cores)
- RAM: 3055 MB (1554 MB used)
- Screen resolution: 1366x768
- Display devices:
0) Intel(R) HD Graphics 5500
-------------
Installed Apps:
7-Zip 19.00 (19.00)
Adobe Acrobat Reader DC - Polish (19.010.20098)
Adobe Refresh Manager (1.8.0)
Adobe SVG Viewer 3.0 ( 3.0)
Advanced SystemCare (14.1.0)
WinRAR 6.00 (32-bit) (6.00.0)
-------------
User ID: 9d592aaf-038b-4374-81e3-1b4b3f879370|Grzesiek
Last seen: Thu Oct 10 2024 17:21:27 GMT+0200 (Central European Summer Time)
Build: 66a7f4...98fb46
IP info: PL 31.60.52.174
System Information:
- Locale: Polish
- Time zone: +60 minutes from GMT
- OS: Windows 10 Home
- Architecture: x64
- CPU: Intel(R) Core(TM) i5-3550 CPU @ 3.30GH (4 cores)
- RAM: 8159 MB
- Display size: 1680x1050
- Display Devices:
0) Radeon RX 570 Series
Installed applications:
AMD Software 22.4.2
WinRAR 6.24 (64-bitowy) 6.24.0
AMD DVR64 1.0.2
ScpToolkit 1.7.277.16103
Branding64 1.00.0009
Malwarebytes version 5.1.2.109
UE4 Prerequisites (x64) 1.0.11.0
Revo Uninstaller Pro 5.2.6
AMD Settings 2022.0420.0248.5055
AMD WVR64 1.0.2
EVERSPACE™ 2 1.2.40068 Incursions Hotfix #2
DOOM Eternal
Google Chrome 129.0.6668.90
HD Tune Pro 5.75
Internet Download Manager 6.42.3
K-Lite Codec Pack 18.2.0 Full
Microsoft Edge 92.0.902.67
Microsoft Edge Update 1.3.195.25
Splash 2.7.0
OpenAL
PLAY INTERNET 23.015.11.00.264
Steam 2.10.91.91
UE4 Prerequisites (x64) 1.0.13.0
Need For Speed Payback Deluxe Edition MULTi10 - ElAmigos wersja 1.0.51.15364
CheckDrive 2025 6.02
Build ID: TG
IP: 127.0.0.1
FileLocation: C:\Users\Soliman\AppData\Roaming\LqKC6wx1X7.exe
UserName: John
MachineName: DESKTOP-I5DF3AA
Country: AE
Zip Code: UNKNOWN
Location: Dubai, Dubayy
HWID: 122C51E4AF1735E9123E2A94C1AC26A0D
Current Language: English (United States)
ScreenSize: {Width=1536, Height=864}
TimeZone: (UTC+04:00) Abu Dhabi, Muscat
Operation System: Windows 10 Pro x64
Log date: 7/4/2024 5:43:07 PM
Available KeyboardLayouts:
English (United Kingdom)
English (United States)
Arabic (Egypt)
Hardwares:
Name: Total of RAM, 8087.34 Mb or 8480190464 bytes
Name: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2 Cores
Name: Intel(R) HD Graphics 520, 1073741824 bytes
Anti-Viruses:
Windows Defender
Build: default
Version: 2.0
Date: Sat Jul 06 3:43:57 2024
MachineID: [redacted]
GUID: {553e7197-[redacted]}
HWID: [redacted]
Path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Work Dir: C:\Users\hp\AppData\Local\Temp\trixyqMFkDNPSFQYy
IP: 127.0.0.1
Location: EG, Cairo
ZIP (Autofills): -
Windows: Windows 10 Pro [x64]
Computer Name: DESKTOP-DW129SN [WORKGROUP]
User Name: hp
Display Resolution: 1920x1200
Display Language: en-US
Keyboard Languages: English (United States) / Arabic (Egypt)
Local Time: 6/7/2024 3:43:57
TimeZone: UTC2
[Hardware]
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
CPU Count: 8
RAM: 16090 MB
VideoCard #0: Intel(R) HD Graphics 4600
[Processes]
System [4]
Registry [124]
smss.exe [548]
csrss.exe [660]
wininit.exe [752]
csrss.exe [772]
winlogon.exe [824]
services.exe [892]
==================================================
Operating system : Windows Server 2022 Datacenter (64 Bit)
PC user : EC2AMAZ-75HN4R3/Administrator
ClipBoard : text
Launch : C:\Users\Administrator\Pictures\rdp_stealer.exe
==================================================
Screen resolution : 600x1256
Current time : 5/22/2023 5:28:14 PM
HWID : 178BFBFF000406F1
==================================================
CPU : Intel(R) Xeon(R) CPU E5-2686 v4 @ 2.30GHz
RAM : 16382MB
GPU : Microsoft Basic Display Adapter
==================================================
IP Geolocation : 127.0.0.1 [India]
Log Date : 05/22/2023 5:28
BSSID : 0a:02:14:dc:54:1e
==================================================
Network Info:
- IP: 122.161.XXX.XX
- Country: IN
System Summary:
- HWID: G5NGOT9X695ZPKPW0RQSPS
- OS: Windows 10 Pro
- Architecture: x64
- UserName: John
- Computer Name: DESKTOP-5ABF2TC
- Local Time: 2024/6/22 15:49:7
- UTC: 5
- Language: en-IN
- Keyboards: English (United States)
- Laptop: TRUE
- Running Path: C:\Windows\SysWOW64\explorer.exe
- CPU: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
- Cores: 2
- Threads: 4
- RAM: 3971 MB
- Display Resolution: 1600x900
- GPU:
-Intel(R) HD Graphics 5500
[IP]
External IP: 119.98.203.64
Internal IP: 10.0.2.15
Gateway IP: 10.0.2.2
[Machine]
Username: John
Compname: DESKTOP-5ABF2TC
System: Microsoft Windows 10 Pro (64 Bit)
CPU: Intel(R) Xeon(R) CPU @ 3.20GHz
GPU: Microsoft Basic Display Adapter
RAM: 4092MB
DATE: 2024-12-25 7:27:19 AM
SCREEN: 1920x1080
BATTERY: NoSystemBattery (100%)
WEBCAMS COUNT: 0
[Virtualization]
VirtualMachine: False
SandBoxie: False
Emulator: False
Processes: False
Hosting: False
Antivirus: Windows Defender
Operation System: win10-amd64
Current JarFile Path: C:/Users/WDAGUtilityAccount/AppData/Local/Temp/svchost.jar
UserName: WDAGUtilityAccount
IP: 95.135.28.223
TimeZone: 2024-09-29T02:31:56.696+03:00 [Europe/Moscow]
Width: 1076.0, Height: 533.0
Language & Country: ru_RU
Operation ID: 3a0e18ea-e2d2-d347-981f-8d27f710ba3e3a167754-3fe3-716f-ebda-f87f6aac5410
IP: 40.40.186.60
Country: US (United States)
Operating System: Windows 10
Username: Stanton
Computer Name: DESKTOP-T43JEK2
Hardware ID: 5E30421F690DE01B6E6014007152B83109C02F65
CPU (Processor): Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
GPU (Display Devices): Intel(R) HD Graphics 4600
RAM (Memory):
Screens: 1920x1080
Desktop Screenshot Taken: Yes
Windows Processes [
System
Registry
RuntimeBroker.exe
ArchiveUninstall_up_dbg.exe
CalculatorApp.exe
RuntimeBroker.exe
svchost.exe
elevation_service.exe
svchost.exe
]