XFiles is a stealer that can surprise with its simplicity and ease of use, designed for both one and a huge team.
♕ Everything is already configured for you and ready to use!
♕ Native Stub, written in the C programming language. The created builds are 70% unique thanks to our self-written protector. Plan up to 90% (Coming soon)
System calls are used wherever possible, in other cases WinAPI is used, no third-party libraries are used or required, the decoding of the collected log occurs entirely on the server.
♕ Work panel in Windows and in the web panel (Coming soon)
♕ Crypt build for the Thief subscription - Unlimited recryption of your file. - We encrypt only EXE of our clients. - At the output EXE or MSI - Guaranteed bypass of AV DEFENDER - Any icon for the EXE file. - Gluing with white exe.
♕ For Professional subscription - a unique dll file is issued to bypass smart and browser Alerts, as well as our scripts.
♕ Has its own non-resident Loader.
♕ Google Cookies recovery by token.
♕ The stealer collects data if the victim's browser is open.
♕ The stealer collects up to 1GB of browser extensions.
♕Private Proxies (Coming soon)
♕ For each build, a unique obfuscated data exchange protocol is generated for interaction with the gate (knock), delivery of logs to the gate occurs in parts. Thanks to this, we greatly increase the life of builds.
♕ Works on machines from Windows 7 to Windows 11 inclusive. Please note that our stealer does not knock on the CIS!
♕ Data collection works in memory, nothing is dropped to disk.
♕ Dynamic browser data collection, collects Cookies, Passwords, Autofill, Credit Cards. Supports over 50+ browsers (Google Chrome, Chromium, Opera, Opera GX, Edge, Firefox, etc.)
♕ Collection of over 800+ popular browser crypto wallets (extensions) integrated into Chrome, Brave, Opera, Firefox and Edge browsers. Collects all possible Crypto, Nft wallets, Password, 2Fa, OTP, Authentication Managers and Notes.
♕ Customizable flexible file grabber, written with an emphasis on optimization and the use of system calls, due to which fewer detections from AV.
♕Protection from AI Bots. (Coming soon)
♕Windows/MacOs stealer/HVNC logs purchase/sale store - coming soon
♕ChatGPT and ChatIA integration into panels - coming soon
♕Antidecket Browser integration - coming soon
♕AutoCheck of crypto balances and steam inventory - coming soon
Read all updates in the posts to the topic.
Tech part:
By subscribing for $200/month, you open access to the following functionality ✦ Beautiful, modern, convenient control panel on Windows, with a choice of Light or Dark theme. The panel allows ✦ Manage a team or work alone → Ability to invite and kick team members and create your own users with a login and password → As a team owner, you can change access rights to any functionality for your members. Don't want to give any rights except the right to view logs? ✔ no problem Do you want him not to be able to delete logs, create builds, or even completely limit his rights? ✔ your member has lost rights Change the password for the user you created Kick a user out of the team ✦ Join other teams → You don’t have to be a member of just one team, you can become a member at the invitation of the owner of another team! → Your rights as a member are determined by the owner of the team. ✦ Create, edit Builds with the Build Configurator, which supports flexible customization ✔ Anti-RDP - increases the life of the build ✔ Fake dialog box with text ✔ Configure the loader - download and run your file from the link when running the stealer ✔ Blocking knocks from certain countries ✔ Grabber extensions from Browsers ✔ Obfuscation - you can configure the obfuscation of the generated executable file. Each build has basic obfuscation/encryption. ✔ You can upload your own icon, as well as change information about the created executable file. ✔ Convenient multi-level File Grabber based on rules, supporting file search in specified folders, rules can contain sub-rules, you can select the operating mode for each rule, at the moment Two modes
→ By folder - search for a specific folder, when it is found, files will be collected in it according to the filters you specified. This type can nest other rules, for example, you can easily create a rule for collecting OpenVPN configs yourself, although we already have such functionality configured for you → By nesting level - will search for all files in a given depth, but only those that match your file filters will be selected. → File filter capabilities → Check for file size size → Check for file name (by mask), for example *.txt, *.doc, pass.txt, *passwords*
✦ Setting up log knockout, checking logs for uniqueness via IP and (or) HWID. ✦ Setting up notifications in Telegram, with the ability to choose which logs you and (or) your participants want to receive notifications for, the ability to make your own log knockout format in Telegram, you can add variables to your text. ✦ Search, download and delete your logs → With a flexible search system, you will find the log you need in a matter of seconds → Ability to bulk delete or download logs from both the server and disk → The panel shows which logs have already been downloaded, there is no need to re-download them → If you do not need some logs on the disk, you can delete them from your disk with 1 click, while they will remain on the server → Ability to see which of the participants downloaded the log → Ability to find out from whose build the log came (if, for example, the build created not by you) → Each log displays the following information ️ Country - where the log came from ️ Tags - added by you when creating the build Wallets - names or icons of wallets Services - a kind of domain detect, pre-loaded domains and icons ️ Autofills - number of autofills (from browsers) CC - number of credit cards (from browsers) Cookies - number of cookies (from browsers) Discord tokens - number of tokens (from browsers) ️ Archive size Log receipt date IP address - victim's address. → The log format is specially made similar to other formats for ease of processing. ✦ View team statistics → Top 10 team members → Top 10 countries by logs → Top 10 wallets → Visualization of received logs by time using charts ✦ Automatic Panel Update → The software automatically finds out when a new update is released and downloads it automatically the next time you launch ✦ Follow the news on the main page ✦ Website where you can → Download software (panel) → View news related to project → Get information about your account and its activity
✦ Support service works 24/7
Admin Panel Foto:
Log Structure:
Developer's Comment:
Even good software is of little value without constant support and maintenance by its author. New versions of software are released, aver analyzes malware, one way or another, something needs to be constantly changed, updated, and finalized. Programs are updated, aver databases are updated, and software without support in a month becomes no better than public. For example, let's take Azorult, which was the most popular stealer at one time, but quickly died after the author disappeared. At first, because of the large number of detections, but it was finally finished off by the Chrome update (version 80), which changed the encryption algorithms. Therefore, buying a subscription is a guarantee that we will support our project. About crypto. Someone thinks that crypto is a panacea, it doesn't matter that even Windows Def detects malware, you can encrypt it and go on working. This is not true. Remember once and for all - crypt only saves from detections in statics, that is, when the file is on the disk, or sent by mail, downloaded from somewhere. In dynamics, the software creator should remove detections and nothing else. Legends about miracle cryptographers who supposedly remove runtime detections are circulating on forums, but this is another urban legend, crypt complicates malware analysis (depending on the tricks of the cryptographer), this is the best he can do.
♕ Premium Subscription, everything you need for work Price - $200 - 1 Month. ✔ 24/7 Support ✔ Premium Chat in Matrix for clients. ✔ Maximum 20 users per team. ✔ Windows C++ Native Stab X64 ✔ Access to the manual. ✔ Google token recovery. ✔ Non-resident Loader. ❌ Crypt (Unique Stab) ❌ Bypass Defender. ❌ Bypass Smartscreen. ❌ Bypass Browser Alerts. ❌ Private Scripts. ❌ MacOS Stab (in development)
♕ Thief Subscription, for people who are aware of their actions. Price - $450- 1 Month. ✔ 24/7 Support ✔ Premium Chat in Matrix for clients. ✔ Maximum 20 users in a team. ✔ Windows C++ Native Stab X64 ✔ Access to the manual. ✔ Google token recovery. ✔ Non-resident Loader. ✔ Crypt (Unique Stab) ✔ Bypass Defender. ❌ Smartscreen Bypass. ❌ Browser Alerts Bypass. ❌ Private Scripts. ❌ MacOS Stab (under development)
♕ Professional Subscription, for like-minded people - a quick start to launch your traffic! Price - $2500- 1 Month. ✔ 24/7 Support ✔ Premium Chat in Matrix for clients. ✔ Maximum 20 users in a team. ✔ Windows C++ Native Stab X64 ✔ Access to the manual. ✔ Google token recovery. ✔ Non-resident Loader. ✔ Crypt (Unique Stab) ✔ Defender Bypass. ✔ Smartscreen Bypass. ✔ Bypass Browser Alerts. ✔ Private Scripts. ❌ MacOS Stub (in development)
![[Image: XFiles-EN.gif]](https://patched.to/pbb-proxy/UUNCQ0JeTUoNGVgHA0taWkkGE2RKdAliHGsnWQpVRUh8eRhUWAI-/XFiles-EN.gif)
![[Image: panel.png]](https://patched.to/pbb-proxy/UUNCQ0JeTUoNGUEKEhFQWAEZAVQXZAgAYHQSXhUfRgRXUlodQQoF/panel.png)
![[Image: pnael-2.png]](https://patched.to/pbb-proxy/UUNCQ0JeTUoNGUEKEhFQWAEZAVQXV1NealAMV1YfRgtYUloeA0oSCwM-/pnael-2.png)
![[Image: panel-3.png]](https://patched.to/pbb-proxy/UUNCQ0JeTUoNGUEKEhFQWAEZAVQXRGtlYnhQdFIfRgRXUloeAkoSCwM-/panel-3.png)
![[Image: panel-4.png]](https://patched.to/pbb-proxy/UUNCQ0JeTUoNGUEKEhFQWAEZAVQXdkpYQkQ1BzIfRgRXUloeBUoSCwM-/panel-4.png)
![[Image: log.png]](https://patched.to/pbb-proxy/UUNCQ0JeTUoNGUEKEhFQWAEZAVQXYlEHe3glAiIfWgpeGUZdVg--/log.png)