{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":425766154,"defaultBranch":"master","name":"SilentCryptoMiner","ownerLogin":"UnamSanctam","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-11-08T09:03:32.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/10323655?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1699953704.0","currentOid":""},"activityList":{"items":[{"before":"ac13f952c19bfce3617aa464f7cb28f4f2a04ca6","after":"c61e842d5ec04e2493a83f54f096ba2f3b95687d","ref":"refs/heads/master","pushedAt":"2023-11-14T09:20:38.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"UnamSanctam","name":"Unam Sanctam","path":"/UnamSanctam","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10323655?s=80&v=4"},"commit":{"message":"Updated to v3.4.0\n\n* Changed administrator \"Startup\" installation procedure from using the Task Scheduler to instead install as a Service\n* Changed the Administrator \"Startup\" installation from installing into \"Program Files\" to instead install into \"ProgramData\"\n* Removed the \"Run as System\" option due to Services always running as System\n* Added MSRT removal to the \"Add Defender Exclusions\" feature\n* Changed the C++ compiler to one with less detections and better features\n* Improved external compiler starting procedure to bypass compiler bugs when the build path contains spaces or unicode characters\n* Modified the compilation process to incorporate \"strip\" for the removal of all unnecessary symbols and relocation data\n* Adjusted compiler optimization level to mitigate some antivirus detections\n* Enabled LTO during compilation to remove a lot of compiler caused detections from unused sections\n* Changed the compiler from using temporary files to instead use pipes in order to work better with some irregular environments\n* Changed the compilation procedure to add a randomized creation 
date and last write date to the built miner files\n* Reverted miner builder .NET Framework version back to .NET 4.5 from .NET 4.8 for better compatibility\n* Changed the miner injection technique to both reduce complexity and antivirus detections\n* Optimized the process creation code\n* Remade miner injection loop code and watchdog mutex check loop code to bypass a new targeted Windows Defender detection\n* Greatly improved the SysWhispersU syscall generator\n* Switched over from static syscalls to randomized dynamic syscalls\n* Changed the \"Run as Administrator\" feature to elevate programmatically instead of through a manifest file to avoid manifest caused detections\n* Added obfuscation to all constants and literals\n* Added base64 encoding to embedded files in order to bypass detections caused by high entropy data\n* Changed the embedded resource format from hex to decimal in order to reduce memory usage and time during compilation\n* Changed the default \"Startup\" tabs \"Entry Name\" and \"File Name\" to a randomized string due to Windows Defender targeting the current default names\n* Added new \"Randomize\" button next to the \"Startup\" tabs \"Entry Name\" and \"File Name\" options to allow for fast randomization\n* Added new \"Advanced Option\" that allows automatic UPX packing of the embedded miner resource files\n* Changed the \"Disable Windows Update\" and \"Disable Sleep\" functions to directly call the programs instead of calling them through a command line\n* Changed default \"Inject Into\" program to conhost.exe instead of explorer.exe due to explorer.exe now triggering detections when running under System\n* Added \".exe\" extension exclusion to \"Add Defender Exclusions\" feature in order to potentially prevent some future general memory detections\n* Removed XMR \"GPU Mining\" option due to problems with CUDA and it being worse than the already existing dedicated GPU miner\n* Removed XMR \"CPU Mining\" option due to it having no reason to 
exist now that the \"GPU Mining\" option is gone\n* Rewrote XOR cipher function to bypass XOR obfuscation detection\n* Remade the \"Block Websites\" feature code to bypass some detections caused by looping\n* Greatly improved the overall code to reduce wasteful calls, handles and possible code signatures\n* Changed \"Start Delay\" to only apply before installation in order to avoid timeouts\n* Updated the uninstaller to properly remove all files\n* Updated the miners","shortMessageHtmlLink":"Updated to v3.4.0"}},{"before":"be942c0355f222c85e584c210156ee76f6ca894c","after":"ac13f952c19bfce3617aa464f7cb28f4f2a04ca6","ref":"refs/heads/master","pushedAt":"2023-09-04T21:14:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"UnamSanctam","name":"Unam Sanctam","path":"/UnamSanctam","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10323655?s=80&v=4"},"commit":{"message":"Updated to v3.3.1\n\n* Added OpenCL ICD loader statically into the GPU miner because some systems local loaders do not seem to work\n* Added automatic CPU mining core restart when a prolonged period of zero hashrate is detected\n* Fixed administrator \"Startup\" trigger to be \"on login\" when \"Run as System\" is disabled\n* Reduced some antivirus detections by modifying the miner compilation command\n* Changed some miner builder compiler commands to be absolute instead of relative\n* Added \"Assembly\" tab \"Version\" number sanitization\n* Fixed unnecessary log warning during compilation\n* Removed many old unused debug strings inside the miners","shortMessageHtmlLink":"Updated to v3.3.1"}},{"before":"8caef3eec1040ddb982574ccd7cc3d88016f7c09","after":"be942c0355f222c85e584c210156ee76f6ca894c","ref":"refs/heads/master","pushedAt":"2023-08-24T02:43:46.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"UnamSanctam","name":"Unam Sanctam","path":"/UnamSanctam","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10323655?s=80&v=4"},"commit":{"message":"Updated to 
v3.3.0\n\n* Added the KawPow (kawpow) algorithm directly into the GPU miner\n* Added new FiroPow (firopow) algorithm\n* Added new ProgPow (progpow) algorithm\n* Added new ProgPowZ (progpowz) algorithm\n* Added new EvrProgPow (evrprogpow) algorithm\n* Implemented KawPow, FiroPow, EvrProgPow, ProgPow and ProgPowZ using only OpenCL for both Nvidia and AMD to bypass large CUDA NVRTC library requirement\n* Rewrote most of the GPU miner to add support for multiple algorithm families and to greatly improve stability and reliability\n* Added Sero-Proxy protocol to be able to mine Sero (ProgPow)\n* Removed KawPow (kawpow) algorithm from the XMR miner and also the large CUDA NVRTC library to make sure no one accidentally uses it\n* Re-added the Panthera (rx/xla) algorithm\n* Added Zephyr coin (rx/0) solo mining support\n* Moved the XMR miner \"GPU Mining\" option into the \"Advanced\" tab to discourage unprofitable XMR GPU mining\n* Moved the \"Use Rootkit\" option into the \"Advanced Options\" for better clarity regarding its complexity\n* Changed Task Scheduler Task creation from Powershell to only using the command line with a temporary XML file\n* Changed MSR driver path from using a static library path to a dynamically generated path\n* Modified embedded file encryption and decryption to reduce heuristic detections\n* Changed the code compiler build to a different one to greatly reduce the compiler-caused antivirus detections\n* Improved the external compiler execution commands by better forcing absolute paths in commands\n* Added a mutex into the miner installer/injector to make it checkable by the watchdog\n* Reduced the watchdog checking interval for better persistence\n* Removed unused helper functions\n* Rewrote uninstallers miner killer function to work with Process IDs above the ushort limit\n* Changed unicode string initialization from a macro to a function to reduce the final code size\n* Changed string formatting from using the built-in Windows API to instead 
use a much smaller custom function\n* Moved web panel reporting to happen before CPU idle usage change in order to help make the hashrate look less confusing\n* Improved RandomX database regeneration speed when leaving \"Stealth\" on pools with infrequent new jobs\n* Fixed weird default \"Stealth on Fullscreen\" configuration value when \"Run as System\" was disabled\n* Fixed possible null terminator string length counting problem inside the GPU checking function\n* Reduced unnecessary recursive directory creation function stack size\n* Changed miners execution state to no longer always semi-block sleep mode on some computers\n* Restructured the algorithm selection list to be easier to use\n* Added semi-CLI functionality for building miners through the command line\n* Updated the rootkit to a new version","shortMessageHtmlLink":"Updated to v3.3.0"}},{"before":"1df8bae3c9b7f68cdf7b2602414d9884b7f5ca42","after":"8caef3eec1040ddb982574ccd7cc3d88016f7c09","ref":"refs/heads/master","pushedAt":"2023-04-01T21:55:31.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"UnamSanctam","name":"Unam Sanctam","path":"/UnamSanctam","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/10323655?s=80&v=4"},"commit":{"message":"Updated to v3.2.0\n\n* Changed miner settings from being passed through the command line to instead be passed directly through the PEB\n* Changed XMR miner to clear RAM during \"Stealth\" when possible\n* Changed PEB calls to be more obfuscated due to new detections\n* Changed miner to read the current executable path for installation directly from the PEB instead of a Windows API call\n* Changed miner and watchdog to read the environmental variables directly by traversing the PEB\n* Included rootkit directly inside the miner instead of using the rootkit installer to avoid the new AMSI detections and for more flexibility\n* Changed rootkit to now run outside of the \"Startup\" installation flow to allow for it to run when \"Startup\" is 
disabled\n* Moved \"Install Rootkit\" out from \"Advanced Options\" and renamed it to \"Use Rootkit (Hide Miner)\" since the rootkit should now be stable\n* Updated compiler command options to reduce detections\n* Added system call registry access functions to allow registry manipulation without using the Windows API or CMD\n* Changed GPU checking to directly read the registry instead of using a WMI command with a file buffer\n* Added signature cloning tab where you can clone the digital certificate of another program into the miner\n* Moved administrator checks from powershell directly into the C++ code\n* Added Task Scheduler \"Startup\" entry checking into the Watchdog\n* Merged obfuscate.h library and obfuscatew.h library into a custom-made unified version called obfuscateu.h\n* Added a custom-made SysWhispersU direct system call generator and removed the previous SysWhispers2\n* Modified SysWhispersU and obfuscateu.h to use different encryptions in order to avoid XOR detections\n* Added simple obfuscation to well-known SysWhispers constants and offsets to avoid static detections\n* Readded explorer.exe as injection option\n* Made explorer.exe the default injection option again\n* Updated uninstaller to instead find the watchdog and miner processes by enumerating system mutex handles to find the owner process\n* Added \"Disable Windows Update\" rollback into the uninstaller to allow the uninstaller to fix Windows Update during uninstallation\n* Updated checker to instead check if the mutex is active to ascertain whether the miner and watchdog is running or not\n* Merged many C++ files together to be able to store them unzipped in the project in order to make all code changes directly visible in commits\n* Optimized and shortened many functions such as the previously verbose process creation function\n* Increased delete pending injection temporary file name length to further decrease collision chance\n* Fixed possible parent spoofing failure if required buffer 
size changes between system calls\n* Change installation to call reg.exe and schtasks.exe directly when possible instead of through cmd.exe\n* Fixed \"Startup\" installation bug on some systems when \"Entry Name\" contained a space\n* Fixed support for Unicode characters inside the \"Assembly\" settings\n* Updated both miners\n* Added Portuguese (Brazil) translation (MatheusOliveira-dev)","shortMessageHtmlLink":"Updated to v3.2.0"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADrpetuQA","startCursor":null,"endCursor":null}},"title":"Activity · UnamSanctam/SilentCryptoMiner"}