Ghost Persistence
Utilizes the WinDisplayColorHelper registry decoy to survive system reboots and blend into legitimate Windows background processes.
About the Module
The AntarYami Keylogger is a high-performance endpoint surveillance agent designed for advanced telemetry and user-behavior analytics. Unlike traditional loggers, it operates at the Low-Level Hook layer, ensuring it captures every interaction with zero latency. It is engineered to bypass standard forensic detection while maintaining a persistent link to the V-Intel C2 Infrastructure.
Operational Features
Context Awareness
Integrated with pygetwindow hooks to map keystrokes to specific applications, providing a structured timeline of user activity.
RAM-Only Exfiltration
Maintains an encrypted word_buffer in memory. Data is transmitted via SSL-bypass threads, leaving no forensic traces on the physical disk.