OP 21 July, 2022 - 07:44 PM
(This post was last modified: 21 July, 2022 - 07:46 PM by CannaShop. Edited 2 times in total.)
![[Image: XWkhDJA.png.52169b81f3bd24b5a3f3c0f0631e5bf1.png]](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fforum.exploit.in%2Fuploads%2Fmonthly_2021_04%2FXWkhDJA.png.52169b81f3bd24b5a3f3c0f0631e5bf1.png)
MemPOS scans for dumps (T1/T2) and CVVs stored in memory, files, keyboard, clipboard or network packets in several different known formats by utilizing algorithms and a series of handpicked Regex.
All traffic is encrypted with SSL and transported via the Tor network to your own hidden service (.onion address), which we can assist in setting up for you in less than 2 minutes.
It's a guarantee that MemPOS performs better than any other existing POS malware. Best of all, it is extremely easy to set up and get started with.
Demonstration:
MemPOS catches dumps and CVVs by means of:
* Continuously scanning memory space of x86 and x64 bit processes
* Continuously scanning relevant files on all connected drives and caching those for less redundancy
* Monitoring network packets from active interfaces
* Monitoring clipboard for data transmissions
* Monitoring keyboard interfaces, which is especially effective against certain POS software utilizing this method
Bot features:
* Low profile: Utilizes process affinity for minimal CPU load. Typically using a single core only and averages about < 1% of CPU load.
* Hidden+Normal startup methods
* Process persistence (automatically re-spawn process if killed)
* Utilizing hashing of dumps/CVVs and scanned memory blocks to avoid redundancy
* Reports to panel every minute
Panel features:
* Bot info shown is ID, HWID, IP/LAN, PC/User, OS, Install date, Last seen, Dumps/Tracks, CVVs, Relapse, CPU usage
* Guest account for allowing trusted partners to view statistics and masking sensitive details (dumps/CVVs)
* Export dumps or CVVs with customizable details like selecting columns and delimiters
* Relapse level - View ratio of returning customers in % for each POS system
* Marking dumps or CVVs as sold
* Daily statistics chart
* Download and execute
* Clear tracks/cvvs
* Delete bot
MemPOS is coded in C# and has been extensively tested with various POS systems for long periods with excellent results.
MemPOS utilizes process affinity for minimal CPU load.
It automatically caches and prioritizes processes and files it has found relevant data from for faster and focused scans in order to beat certain POS systems known for quickly wiping their memory space.
Unlike many other POS malware that are almost all known to capture even invalid/corrupt dumps, MemPOS accurately filters out bad tracks with typical nulled discretionary data.
Best of all, all traffic is made via SSL over Tor and the panel is easily placed behind a hidden service (.onion).
FAQ:
- Which editions of Windows OS does MemPOS run on?
MemPOS has been extensively tested on several different editions ranging from Windows XP sp3 to Windows 11. Working perfectly fine on all of those, including all Server editions.
- Can I use MemPOS as a regular botnet?
MemPOS can be perfectly used as a standard botnet if you are looking for something stable to just hold bots with.
The main advantage is the utilization of the Tor network, which means you don't have to buy any domain, hunt bulletproof servers or worry about take downs.
We have tested holding over 1k bots with MemPOS on a very low end VPS with 2 cores and just 2 GB of RAM without any problems at all.
- Is my software "xx" compatible with MemPOS?
In short, MemPOS is compatible with any POS software that runs through memory, network or keyboard/clipboard interface on Windows devices. Which is the majority, if not all, ranging from the restaurant tyrant; Aloha and Wand to the growing retail giant LS Retail.
- My target POS has "xx" installed as an antivirus, I would like to be able to protect the process. How can you help me?
MemPOS offers custom tailored stub support per customer which designates which and what features auto install with your stub. There are three drops that are mandatory, and some that are optional. By default, MemPOS disables Windows Defender before execution.
- Can you encrypt my MemPOS stub?
Short answer: No. You need to use your own crypter, with persistence disabled (heavy persistence already exists in the stub). You are fully responsible for checking and encrypting your stub if you choose to do so.
MemPOS is designed to work perfectly as-is, and cannot be tested for stability with every crypter. I would recommend thoroughly testing and comparing your encrypted stub should you choose to do so.
- I would like you to install MemPOS on my behalf. Can you do so?
Yes. MemPOS provides a support network for installation at a small fee. You need only provide credentials for a clean Windows-based VPS of your choice.
- What happens if the process gets killed?
MemPOS has inbuilt persistence and will automatically restart within a few minutes if killed.
MemPOS runs with a very low profile and we have performed intensive, long-term and invasive testing on various systems, which has proved only positive results.
What you will receive:
+ Panel files (PHP and JS)
+ Database structure (.sql)
+ Stub (.exe)
New Thread Price: $1800 Price will go to $2000 after 5 Sales.
Garant always welcome.
![[Image: CB154VP.gif]](https://i.imgur.com/CB154VP.gif)
![[Image: tbJDyj4.png]](https://i.imgur.com/tbJDyj4.png)
![[Image: 9DLsHUK.png]](https://i.imgur.com/9DLsHUK.png)
![[Image: xjezwen.gif]](https://i.imgur.com/xjezwen.gif)