Hey guys, I have a rudimentary remote access trojan that I can control from my host machine, but I don’t know the best way to have it ran on the scammers PC’s. Right now I’m thinking I can transfer a few dummy files onto my VM (like fake personal banking/crypto info) and using VBA macros to execute shellcode. This is complicated and requires some luck to work tho, because the scammer will have to download one of these dummy docx/xlsm files and open it on their PC with macros enabled… Is there an easier way to get a rat on scammers PC’s??
Recently I’ve been uploading 100s of pictures of literal shit and a simple .bat script that pops up “Benchode alert” all in the scammers startup folder so when they restart the computer, they are welcomed to a nice picture of shit and a heartfelt message.
I’d probably go the same route with implementing something in the start up folder to automatically run. You’re 100% relying on luck where if you can get good with some scripts or get some off Github you’re not relying on luck all that much.
I was actually wondering if this would work, dropping batch files in the startup folder. My idea was to have it do a search for .txt files and .doc, .pdf, .xlsx, etc and rename them to ‘[random number].[random number]’ and perhaps drop a garbage text file in there and have it to create infinite copies of it to fill the hard drive.