Tuesday, 11 December 2012

DeadLine's Survey Builder (Adslocker)

Another 'adslock' this time in .NET (so yeah, that come from HF)

It open a webpage to a text file and look on the txt your hwid, on the list ? allowed.



Designed to fail.
Open 'random' program not so random, just predefined urls:
And the infected guys must use the 'C' letter for Windows (lol?)
Another example:

Write words, not so random, predefined once again:

Open random predefined sites:

url/pw stored in plain:

For the rest it's just like usual infections, registry persistence via HKCU[...]CurrentVersion\Run, etc...
AdsLocker seems fashion on hackforum since Adslock.A

FileIce open source AdsLock:

Another AdsLock from HF:

Please guys.. no more .NET

1 comment: