spykey

Temat: Cryptolocker :: Ransomware [Offline Ver., Online Ver., Native, С++]

Pokaz wyniki od 1 do 3 z 3
  1. #1 Cryptolocker :: Ransomware [Offline Ver., Online Ver., Native, С++] 


    ========================================
    CRYPTOLOCKER [OFFLINE_VERSION, all WIN, С++]
    ========================================

    NOTE
    A QUICK and EASY build of offline cryptolocker, correctly encrypted/injected by a non-resident loader, will provide you with a 100% PROFIT.

    DESCRIPTION
    With high-quality cryptography, with a protector, with an injection into the process - absolutely imperceptible, very fast.
    - -
    • Native, written in C++, without dependencies and other junk.
    • Works on all versions: Windows + Windows Server.
    • Do not need admin rights, bypass the default UAC.
    • Perfectly crypting, does not contain overlays, does not use settings storage resources.
    • Low weight (max 380 kb), the requirement is repeatedly encrypted and sewn in the build.
    • Implemented skip Windows service directories.
    • Strong encryption algorithm, a random key for each file is IMPOSSIBLE to decrypt!
    • Your master key: RSA-2048. Personal key for each machine: RSA. File Encryption: AES.
    • Scans all writeable drives connected to your computer.
    • Pre-encrypt files after reboot, if necessary.
    • Shadow copies are encrypted. Unable to recover files from shadow copies and restore points.
    • A large array of file types for encryption: configured when building a build.
    • It does not communicate with the server, it is completely autonomous.
    • Two options of encryption, in part or in full: configured when building the build
    • With partial encryption, only the first 64 kb of the file is encrypted, if the file is <64 kb, then it is entirely.
    • With full encryption - the entire file is encrypted.
    • When encrypting in each directory creates a requirement, and the desktop - only after completion.
    • The kit includes utilities: complete decryption, decryption of a single file, and key generation + video + description.
    FROM YOU
    Your data: your name, list of extensions, text, BTC, redemption amount, Jabber or E-mail.

    ADDITIONALLY
    There is a video of the work of the cryptolocker and the decryption of the locked machine. I will explain all the nuances.
    Rebuild (change: extensions, list of file types, text) - $30

    PRICE FOR OFFLINE VERSION - $150


    ================================================== =
    CRYPTOLOCKER, WEB-PANEL [ONLINE_VERSION, all WIN, С++]
    ================================================== =

    NOTE
    Build of online cryptolocker is RECOMMENDED for work on Dedik, tk makes requests to the network (to the panel).

    DESCRIPTION
    It is possible to independently change the text of the requirement; otstuk in the panel and the generation of the decryption key.
    - -
    • Native, written in C ++, without dependencies and other junk.
    • Works on all versions: Windows + Windows Server.
    • Do not need admin rights, bypass the default UAC.
    • Perfectly crypting, does not contain overlays, does not use settings storage resources.
    • Low weight (max 380 kb), the request is received from the server.
    • Implemented skip Windows service directories.
    • Strong encryption algorithm, a random key for each file is IMPOSSIBLE to decrypt!
    • Your master key: RSA-2048. Personal key for each machine: RSA. File Encryption: AES.
    • Scans all writeable drives connected to your computer.
    • Pre-encrypt files after reboot, if necessary.
    • A large array of file types for encryption: configured when building a build.
    • Otstuk in the panel only after the start of encryption.
    • Receives the necessary data from the server.
    • Two options of encryption, in part or in full: configured when building the build
    • With partial encryption, only the first 64 kb of the file is encrypted, if the file is <64 kb, then it is entirely.
    • With full encryption - the entire file is encrypted.
    • When encrypting in each directory creates a requirement, and the desktop - only after completion.
    • The kit includes: a web panel, utilities for full decryption + decryption of a single file, video + description.
    FROM YOU
    Link to host web panel.

    ADDITIONALLY
    There is a video of the work of the cryptolocker and the decryption of the locked machine. I will explain all the nuances.
    I will assist in the installation of a web panel on a bulletproof hosting.
    Rebild (change: extensions of encrypted files, list of file types, link to host) - $30

    PRICE FOR ONLINE VERSION - $150


    ---- CONTACTS ----
    Selling here: market.ms (bay0net)
    Jabber: bay0net[email protected], [email protected] [OTR]
    Telegram: @bay0net [PGP]
    Message to PM: [PGP]


    Public PGP Key
    -----BEGIN PGP PUBLIC KEY BLOCK-----

    mQENBFzC2d8BCAC02gol+faarRo4RgdkZiqw6gNPwmfKAXmwvw * h1ibjf0k2MG5WK
    hXZ87PT/cXrOpeNRKlXgU4PGoiJgVYkD4ikJAtpHwglZSQOLiBxqnGKNcN * aKdOc6
    48BS6ET3btHfjt+1+57t/VPlDIyf/F8ILHylLTUqS4b2Gy3QemDQB9SeIBHPoWFM
    UgRSa392LJp+wA8O6a3lsmVN+HlmmyXIgf6vfCfgIa4QYDl5o7 * dN7XgoaEJYsWty
    CrUXSP20rJPTLCfCtSpjYcOo0usFF611z2Sw0448rZd1hMfcR0 * e6RTB8byhhhYac
    njwd9uhWsWkfYTFd5S8l6SmPZ0xKXluM2vQ1ABEBAAG0HGJheT * BuZXQgPHp6YWdn
    emlnQGdtYWlsLmNvbT6JAVQEEwEIAD4WIQSAi6orjq/cCIfSJiW8vAJVPDOytAUC
    XMLZ3wIbAwUJA8Nu8QULCQgHAgYVCgkICwIEFgIDAQIeAQIXgA * AKCRC8vAJVPDOy
    tOL+CACNd3nDFQuV05AE1QyHRPaaVvigRaImJB9IqBHB+ti3aQ * veA+1E3lHJCzYN
    vSz3swvPgPJNkBjpvyEKYOJLbd5N+zbd60znMmT/+SKHWNihLR1VzprrYEAj06Tc
    IZQGGZWPQql/McOg6F3K5QKIpuqPeaydXEAwEclqR7Dc8slu9UJX9RUb9F+ner * 2l
    ltTbCNCMPTBfVj8w3Iwcx2xXb2rGfxKc6gCO50+WNSHNjsesVR * lfh6Sh30aLPKdG
    4cde0lVENDAim4fg8jh/Gn1Ot3qVnTPuSVV0zVcg3F3aZu2UxMiqln1Ctek1LueG
    cPKlDR417ZRydaeP1+VyjMU4/B6ouQENBFzC2d8BCADITbFp9YVnBzzmGKxbtV5j
    N2s2Nqf3yi+eDx65YNrQP6wpl4KB1E+BBC0lqq4bnQkPIkg70Z * qegeEm4ZuKybam
    I49bDIy+o+YpcbORw77Dh+4cWeFbs0gSESfBRsVdhtMrRuZvuW * yDcBcuKlYXN7Wl
    03aWYen2NLlS45oh3UaBNuZOkv+U6Y9MnQD8uVmE2gOm2MUih5 * MEVCl6IKH0er2J
    7XVRvy0cV12EbZBGXHMwJdLiuD2IsjHabg6Lv5GMhWNcM+hWKS * 82SeKaEdU0kxnO
    F6eU49OcSAAf6Bc4naVaX3G9Xb2kSqk4G3jXNDXpjdNt74Z+o4 * RIzB8HLg/XqeCX
    ABEBAAGJATwEGAEIACYWIQSAi6orjq/cCIfSJiW8vAJVPDOytAUCXMLZ3wIbDAUJ
    A8Nu8QAKCRC8vAJVPDOytErVCACqb+A+pVz5GalDBG7aXpBBuf * SDq+A39ikoYuRr
    TZdTxp2ZFTy1M6iSVRRLjtyZARkvqUp+WvpMxVqTe3bQjyNkkb * 0pUK5lZaxjlzPR
    DHtZl2J33jSjoIZ2cZLhqOXcn371zpVd4H4fsrIdRcaycA6+Xp * L8fMFjtLavtrm9
    oTHwqSnkqVggyV4OWxxoYLYRP+Kn3AO6IKIXid9uhIz5B+RhLF * uQvOEK1p3MriFd
    2JLA6aoYIhNmo6Dv9snTjG2VI/W43aiZf+t3LOiDLXwMoNxXZz03L4owia2hYzi9
    raiZxdAdnTV/edUdmSLAwr/w2QUkCP1G/z1Ellv4w/Yw1Hcd
    =lJSq

    -----END PGP PUBLIC KEY BLOCK-----
    INFO
    We generate maximum profit with the help of cryptolocker.
    ================================================= ==========
    Cryptolocker is an extortionist cryptographer, with an action algorithm aimed at forcing the encryption of computer files according to a certain list of extensions.
    While running on the victim's computer, the crypto-fiber encrypts all files according to the list of extensions and uploads the redemption file to each directory it visits.
    The redemption file contains text explaining the reasons for encryption, as well as the amount of the ransom for decryption and the contacts of the owner of the cryptolocker (e-mail or jabber).
    After encryption, the cryptolocker will be deleted, leaving the encrypted files.
    Files are encrypted with a robust algorithm. After encryption, they MUST NOT be decrypted without a special key, which in turn can only be obtained using the decryption key from the owner of the cryptolocker.

    Actually, earnings is reduced to the distribution of cryptolocker on computers or servers of potential victims and the further collection of ransom for decrypting files. Decryption of files is carried out by a special utility that comes with a cryptolocker. The victim of the encrypted computer sends the key-file to the e-mail or jabber specified in the request and after payment receives the key and the descrambler with which it decrypts the encrypted files.

    The most common ways of delivering cryptolocker to the victim's computers
    ================================================= ================
    + Social engineering, cold calls, followed by mailing
    + Mailing: docx or pdf (exploit)
    + Search engines: Google, Yandex
    + Search and bruteforcing fatty dedikov
    + Installing loader through shadow services
    + Own virus landing page or web directory on the Internet.

    ... indicated the most basic ones, although there are much more of them, there are private ways that cost money. Which one you choose is a matter of taste. I have arranged ways to increase both the profit and the investment in them of additional funds. Each method requires a separate tremendous article with its own nuances and "pitfalls".

    Example: if you use foreign dedicated server (servers of organizations, firms) with subsequent encryption with a cryptolocker - the price tag starts from $2000.
    !!!IMPORTANT!!!
    1. I agree to the guarantor
    2. Stupids do not sell
    3. In the correspondence, use encryption, Public PGP-key above
    4. For each cryptolocker (ransomware) I give out LOADER NON-RESIDENT * [~3kb], THE FIRST FREE CRYPT **

    * LOADER NON-RESIDENT
    The non-resident algorithm is placed entirely in the executable file, in connection with which it is activated only when it is launched, and when the necessary instructions are executed, it returns control by deleting the executable file (media) from the ROM. As a rule, it is activated only for a short time.
    The resident algorithm differs from the non-resident one in that after launching the executive file (carrier) it “settles” in the operative memory (RAM), being fixed in the processes.
    --
    The issued non-resident loader does not provide penetration into protected systems and does not pass the protection of the AV. Needs encryption (only for scantime).
    As is, it is recommended only for work on Dedicated servers or computers without AV. It is very convenient for working with cryptolocker (ransomware) when the latter is laid out on the host.
    POSSIBLE SETTINGS WHEN ASSEMBLING BUILD
    + extension for encrypted files
    + list of extensions of encrypted files
    + encryption algorithm (RSA-AES, affects speed)
    + encryption method: entire file or part
    + number of file-requirements
    + names to file-requirements
    + text of the file-requirement (only for offline ver.)
    + file-key directory (only for offline ver.)
    + file-key name (only for offline ver.)
    + autoload (on/off)
    + geomodule (on/off, countries)
    Odpowiedź z Cytatem  
     

  2. #2  


    Added the ability to generate shortcuts with a link to the .onion resource, instead of test requirements-files.
    -
    For an offline version of the cryptolocker, you can organize the work as follows: when crawling the directories of the attacked machine, the cryptolocker will not generate requirements-files with text, but shortcuts like OpenTheTorBrouser.html, with a link to the .onion resource: this will be a simple info page (possibly with the organization of receiving BTC, and anything else).
    -
    What does this give for the offline version of the cryptoclocker? - rebuilding is no longer needed, if you want to change the text.
    Odpowiedź z Cytatem  
     

  3. #3  
    The update was carried out: the code was cleaned from the AV-detects, in places it was completely rewritten. Build weight (online/offline version) is halved.
    -
    After encryption, the cryptolocker sets the wallpaper on the desktop (the function can be deactivated). I accept orders for the development of personal wallpapers with your information: image, QR-code with data, etc.
    Odpowiedź z Cytatem  
     

Podobne wątki

  1. Ransomware *.arena -szyfrowanie plików
    Przez walkerfreeman
    w forum Kryptografia/Szyfrowanie
    Odpowiedzi: 4
    Ostatni post / autor: 12-12-2017, 23:08
  2. Tylko dla zaawansowanych / Przywrucenie plików SAGE 2.2 Ransomware
    Przez tomalaaa
    w forum Dla początkujących
    Odpowiedzi: 4
    Ostatni post / autor: 19-10-2017, 18:22
  3. airodump-ng native deivers nie chce działać
    Przez karolciu
    w forum Sieci bezprzewodowe
    Odpowiedzi: 0
    Ostatni post / autor: 16-05-2010, 11:44
  4. keylogger offline
    Przez byrt
    w forum Głupie pytania i jeszcze głupsze odpowiedzi. - spora dawka humoru ...
    Odpowiedzi: 0
    Ostatni post / autor: 03-06-2009, 18:45
  5. msn offline pozorowany
    Przez monika1234
    w forum Komunikatory
    Odpowiedzi: 2
    Ostatni post / autor: 09-10-2007, 23:59
Uprawnienia
  • Nie mozesz zakładać nowych tematów
  • Nie mozesz pisać wiadomosci
  • Nie mozesz dodawać załączników
  • Nie mozesz edytowac swoich postów
  •