Overview
Sheikh Crypter is one of the easiest crypters with advanced features. Its coded from scratch in C#, so it will require .net Framework 2 at least for the crypted file. This should be no problem as 90%+ of the computers have this installed and every new OS will have this pre-installed.
The crypter has been FUD from the day that I released it for testing. Thats almost 3 months and still going. The crypter uses CodeDom to make all the functions work and it stores the encrypted bytes in a unique way.
The crypter is tested with some RATs and also offers EOF support for those. It works on all Windows OS including XP/Vista/Seven (Both x86 and x64). It successfully crypts Native files and Managed files (.NET) and can even bind them together.
The advanced functions are easy to use and as the first crypter with built-in Live Support Chat, there is 24/7 support from either admins or customers.
Features
=> Crypts FUD Native & Managed
=> Unlimited File binder – also binds native to managed (.NET)
=> Crypt/Bind ANY file/extension (.mp3, .pdf, .wmv, images etc)
=> Strong Polymorphic Encryption
=> Works on all Windows OS (XP/Vista/Seven) Both x86 & x64
=> CodeDom USG (automatic Unique Stub Generator) No similarity or less than 1% with equal files!
=> Alternate Injections
=> Automatic EOF detection & support
=> Unlimited File Downloader (And Execute)
=> Unlimited Website Visitor
=> Assembly Changer (With saving)
=> Prewritten Assembly information (+Generate)
=> Icon changer (Steals Icon from exe or uses clean Icon File & saves it)
=> File Pumper (Adds bytes)
=> Extension spoofer (Any extension, .mp3, .gif etc.)
=> Automatic stub Update
=> Automatic version checker
=> Add to Startup in two ways
=> Startup Persistence
=> Process Persistence
=> Botkiller
=> Compress Output
=> Reflector Protection
=> Delayed Execution
=> Melt File
=> Hide File
=> Fake Message (And Preview)
=> Antis
=> Host Blocker (IP’s & Websites)
=> Custom kill process
=> Custom Startup name
=> Custom processname
=> Automatic Output Obfuscation
=> Output Extension Changer (.Exe, .Com, .SCR, .BAT, .PIF)
=> Advanced custom HWID protection [Uncracked]
=> Built-in Multi-Antivirus scanner
=> Built-in Live Support Chat
Sheikh Crypter are tested and working with
=> CyberGate
=> DarkComet(3.2,4.0&4.2)
=> BlackShadesRAT
=> BlackShadesHTTP
=> BlackshadesStealer
=> SpyNet
=> PoisonIvy
=> Bifrost
=> TurkojanGold4.0RAT
=> DarkDDoser(v5.1)
=> ParadoxRAT(v4.2.2)
=> ClientMesh
=> LokiRAT
=> iStealer
=> Rbot
=> Rxbot
=> IPkiller
=> DDoSeR4.3
=> VertexNet
=> z3r0xb0t
=> AryaNIRCBot(v1)
=> SwarmIRCBot
=> AutumnIRC(v1.2.2)
=> Insomnia
=> Caberp
=> PredatorPainHijacker(5)
=> DecayLoggerPublicVersion
=> ReverseProxy(cjb)
=> Allnormal.NETApps
=> And more..
Crypter Features
Here is a description of the features in the Sheikh Crypter. This is only meant for people that want to know more information about a feature or know how to use it.
Unlimited File Crypter
RightClick on the box in the main to browse for a file, after clicking "Add File". Or just drag and drop your files. You can crypt and FUD native and managed (.NET) files. A file can be deleted by rightclicking on one file and clicking on "Delete". You can delete multiple files at once by selecting them. You can crypt any file, even .pdf, .doc, .gif etc.
Unlimited File Binder
Binding is the same as browsing for multiple files. Just browse multiple times and add those files to the list or simply drag and drop them. You can even bind executables with .Pdf's, managed files, pictures and anything you want! If you want to run an executable file only once when startup is checked. Then rename the file from .exe to .com before you bind it.
Unlimited Downloader
Insert the link of the file that you want to get downloaded and executed on the first Run. You can add as many as you want. Why to use a downloader? To reduce the size of the file.
Visit Link
Insert the link of the website that you want to visit when you run the crypted file. The website will be visible and will be opened in the default browser. Usage: To gain traffic to your website or by any other means, as a prank.
Standard Injection - Alternate
Standard Injection: This is an injection type without any drops.
Alternate Injection: Injection with drop.
It does not matter which one you choose. For some people and for some programs, the one works better than the other.
Startup
Startup 1: This will make the output start up after reboot every time. It is stable but visible for MSconfig.
Startup 2: This adds to startup, but is invisible for MSconfig. The startup folder is different. There are no other differences.
The startup name can be anything. Example "Messenger"
Change Assembly Information
You can Change the Output information to make the file look more legit. You can save your custom information, use one of the 10 pre-typed ones, import information out of a file, or just generate random strings. In some cases, legit assembly information can lower the detection rates.
Change Icon
Changing Icon make the outputs look more professional and in some cases it gives more Undetected Outputs. You can import ".ico" files (recommended) or clone the icon of a file.
Pump File
This adds bytes to the output to increase the size of it. You can add in kB and MB.
Spoof Extension
Spoofing extension will only work on Windows Vista and Win7. It is recommended to use short output names. The computer should also show all file extensions in order to work. With the right combination of assembly information and Icon it can be effective to trick someone and make him believe the .exe is actually an .mp3 or any other extension that you can type in the box.
You can also just save the file as .bat .com .scr .pif using the "Build"-button. This is not extension spoofing and this will work on all computers.
Pump File
This adds bytes to the output to increase the size of it. You can add in kB and MB.
Fake Message
The message that you type here only starts once. Even if you have startup enabled. It supports multi-line and you can choose the buttons and style you want.
Melt File
On execution, the file melts down and deletes itself from the path that it was.
Hide File
On execution, the file goes hidden and removes itself. But it stays in the same path and if a user has "show hidden files", the file will just be there.
Delay Execution
You can delay the execution of the main decryption process some seconds. This can bypass some anti-viruses better on Runtime. It also looks less suspicious.
Custom Kill Process
Kills a custom process by just giving a part of the process name. "Note" or "pad" will kill all open notepads on execution.
Antis
On execution, it tries to kill the programs that are checked in the Anti-list.
Registry Persistence
Makes it harder to get botkilled and get removed from startup. Deleting manually from startup also won't work then.
Process Persistence
Makes the process stronger and harder to kill. Not always recommended.
Botkiller
It tries to kill other bots and possibly cleans your own computer if you infected yourself.
Compress Output
Compress the output to have a smaller file size. Only recommended if you are crypting files of over 1 MB size. Small files will have the opposite effect when using compressing the output.
Reflector Protection
It makes your file harder to reverse engineer and keeps you save from non-professional reverse engineering of the crypted file.
Multi AntiVirus Scanner
Scan your outputs with the built-in Multi Antivirus Scanner and test the FUD-rate very fast with the up to date AVs. You are free to use this scanner at any time.
Support Chat
This is the first crypter with a custom built-in support Chat. This way we are close to our customers and we can provide help at any time instantly. Users can also help each other.
Screen => Click Here
Sheikh Crypter is made to be simple and effective!
The crypter is very easy, lightweight and straightforward.