dEEpEst
☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
- Joined
- Mar 29, 2018
- Messages
- 13,861
- Solutions
- 4
- Reputation
- 32
- Reaction score
- 45,552
- Points
- 1,813
- Credits
- 55,350
7 Years of Service
56%
Angie-Ransomware
Professional ransomware for educational purposes
Angie-Ransomware is x32 bit ransomware that is designed to target mainly x64 Windows but still supports x32 bit of course, She by design can bypass almost all sandboxes by using its own NTDLL stubs from Windows 7 to Windows 10 1809, if the version of windows is newer than Windows 10 1809 will load the addressed from NTDLL.DLL and use them. Another trick that she does is if she is under Wow64 after connecting to master and retrieves a encryption key, she will switch to long mode and operate on x64 user space, this switch is the killer for almost all sandboxes and debuggers and its the biggest defence. Its still under development.
Tools
Visual Studio 2017/2019
Intel System Studio 19.0
Windows SDK 10.0.17763.0
Sysinternals Suite
Make from Mingw
Nasm
Cool people
Some images
Download:
Professional ransomware for educational purposes
Angie-Ransomware is x32 bit ransomware that is designed to target mainly x64 Windows but still supports x32 bit of course, She by design can bypass almost all sandboxes by using its own NTDLL stubs from Windows 7 to Windows 10 1809, if the version of windows is newer than Windows 10 1809 will load the addressed from NTDLL.DLL and use them. Another trick that she does is if she is under Wow64 after connecting to master and retrieves a encryption key, she will switch to long mode and operate on x64 user space, this switch is the killer for almost all sandboxes and debuggers and its the biggest defence. Its still under development.
Tools
Visual Studio 2017/2019
Intel System Studio 19.0
Windows SDK 10.0.17763.0
Sysinternals Suite
Make from Mingw
Nasm
Cool people
This link is hidden for visitors. Please Log in or register now.
Some images
This link is hidden for visitors. Please Log in or register now.
This link is hidden for visitors. Please Log in or register now.
Download: