Leaking this from SkyZelon, known scammer from HF. This only works if your stub is a native file. Won't work on .Net payloads. Netwire is the only Rat I've used with this exploit. Files look clean but use at your own risk and always in a VM or Sandbox!
VT: https://www.virustotal.com/gui/file/237d...01d184f95d
https://www.virustotal.com/gui/file/5290...1729e3d86e
Content Unlocked:
https://gofile.io/d/d9CVwb
VT: https://www.virustotal.com/gui/file/237d...01d184f95d
https://www.virustotal.com/gui/file/5290...1729e3d86e
Content Unlocked:
https://gofile.io/d/d9CVwb
