PushpenderIndia/Sinister

doesn't send logs after OS restart

Opened this issue · 1 comments

Hi
technowlogger doesn't send logs after OS restart

It Works Perfectly fine!
It adds a registry in windows to become persistence,

This is the registry path where you can file the malicious entry of this keylogger
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Whenever keylogger starts, it tries to become persistence, but if the file is already replicated in the Appdata folder where the evil file is stored, then it just runs the evil code of keylogger and didnot execute the persistence codes

check your appdata folder, you might forget to remove previous created keylogger completely, and that is why when fresh created keylogger runs it founds already replicated evil code,

and due to which, it might skip the persistence codes.

Please check this registry, and find whether the keylogger is adding a entry or not by the name of svchost