AutoIT Cryptowire Advanced Autoit Ransomware [Full Stub Source]

Status
Not open for further replies.

Diabl0

Found this after a good friend was almost infected by it. It's a rather maturely coded ransomware as compared to some other crap that I have seen in a while, wasn't hard to reverse it though :)


Features include:

- Encryption algorithm is AES 256.
- The ransomware will encrypt all files stored on: network drives, network shares, USB drives/sticks, external disks, internal disks, games (Steam), OneDrive, Dropbox, Google Drive (any cloud service that is running on the machine).
- It encrypts all files; it's not extension based. The max file size limit is 30 MB; you can change that if you want. The reason is to keep the performance high, while targeting most files.
- All shadow copies are being permanently deleted upon execution.
- The old non-encrypted files are being overwritten 10 times, and then deleted permanently. Only the encrypted files will be left behind. The recycle bin is being overwritten 10 times and deleted permanently as well.
- It will avoid heuristic detections by calculating different math algorithms.
- Persistence startup.
- Machine domain check. If the victim's PC is joined to a domain (company machine) the ransom will be 10x bigger (you can change that).

PS: Requires AutoIt version v3.3.14.2 to compile ++ I haven't included the panel....anyone who wants one can code his/her own (to prevent skid misuse).

