Search the Community

Showing results for tags 'ransomware'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
    • Cracking Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
    • Windows Phone
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Premium Accounts
    • Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Cracking Zone PRIV8
    • Cracking Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area


There are no results to display.

There are no results to display.

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start








Found 19 results

  1. itsMe

    Ransomware Decryptors

    [Hidden Content]
  2. GonnaCry Ransomware GONNACRY – LINUX RANSOMWARE THAT ENCRYPTS ALL USER FILES GonnaCry Rasomware Original Repository of the GonnaCry Ransomware. This project is OpenSource, feel free to use, study and/or send pull request. GonnaCry is a linux ransomware that encrypt all user files with strong encryption scheme. There is two versions of the Ransomware Code: C and Python. How this ransomware works: [Hidden Content] [Hidden Content] How this ransomware encryption scheme works: [Hidden Content] Mentions: [Hidden Content] [Hidden Content] [Hidden Content] Disclaimer This Ransomware musn't be used to harm/threat/hurt other person's computer. It's purpose is only to share knowledge and awareness about Malware/Cryptography/Operating Systems/Programming. GonnaCry is a academic ransomware made for learning and awareness about secutiry/cryptography. Be aware running C/bin/GonnaCry or Python/GonnaCry/ Python/GonnaCry/bin/gonnacry in your computer, it may harm. What's a Ransomware? A ransomware is a form of malware that prevent legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful seem to be encrypting ransomware: most of the user data are encrypted and the key can be retrieved with a payment to the attacker. To be widely successful a ransomware must fulfill three properties: Property 1: The hostile binary code must not contain any secret (e.g. deciphering keys). At least not in an easily retrievable form, indeed white box cryptography can be applied to ransomware. Property 2: Only the author of the attack should be able to decrypt the infected device. Property 3: Decrypting one device can not provide any useful information for other infected devices, in particular the key must not be shared among them. Objectives: encrypt all user files with AES-256-CBC. Random AES key and IV for each file. Works even without internet connection. Communication with the server to decrypt Client-private-key. encrypt AES key with client-public-key RSA-2048. encrypt client-private-key with RSA-2048 server-public-key. Change computer wallpaper -> Gnome, LXDE, KDE, XFCE. Decryptor that communicate to server to send keys. python webserver Daemon Dropper Download: [HIDE][Hidden Content]]
  3. dEEpEst

    Angie Ransomware

    Angie-Ransomware Professional ransomware for educational purposes Angie-Ransomware is x32 bit ransomware that is designed to target mainly x64 Windows but still supports x32 bit of course, She by design can bypass almost all sandboxes by using its own NTDLL stubs from Windows 7 to Windows 10 1809, if the version of windows is newer than Windows 10 1809 will load the addressed from NTDLL.DLL and use them. Another trick that she does is if she is under Wow64 after connecting to master and retrieves a encryption key, she will switch to long mode and operate on x64 user space, this switch is the killer for almost all sandboxes and debuggers and its the biggest defence. Its still under development. Tools Visual Studio 2017/2019 Intel System Studio 19.0 Windows SDK 10.0.17763.0 Sysinternals Suite Make from Mingw Nasm Cool people [Hidden Content] Some images Download: [HIDE][Hidden Content]]
  4. Level23HackTool

    Android Ransomware

    [Hidden Content]
  5. [Hidden Content]
  6. dEEpEst

    Simple Ransomware

    Simple Ransomware Description This is a simple ransomware build with C# Automatically create parent application, can replace address BTC you're copying (BTC Stealer) Combine using fake application [Hidden Content]
  7. [Hidden Content]
  8. Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’ It appears that LockerGoga, the same ransomware that hit aluminum manufacturing giant Norsk Hydro this week, also infected American chemicals companies Hexion and Momentive, leaving employees locked out of their computers.
  9. Features of the bot: - Graber cards - Spam on user contacts - Calling the number - Forwarding incoming calls - Launching user applications - Automatic withdrawal of fake notifications, with taken bank icons - Interception, block-deleting incoming SMS, sending, including short numbers - Download all user application names - Graber contacts - Screen locker - Launch pages in the browser - Launch user applications - Search for Bank applications - Browser history graber - Socks5 module - Sending USSD - Geolocation - Spam by number base Admin panel: Detailed statistics on countries, app, url histories, selerians, etc. The ability to issue commands to a particular bot, group, as well as all newcomers. Search by imei, sorting by installed applications, online bots, seler, countries. Cleaning of old logs. Separate statistics for traffic. Jabber notification. There is a possibility to load their injections, with the admin panel. Search by SMS, logs. Searching for links by history. The statistics for the tasks that have been issued are fulfilled. Etc. Additional info: The size of the bot is 150 kb. Stable work on Android 4-7. For basic work, root rights are not required. Request admin rights. To change the phone password, you need the admin rights (requested when installing). Change the password to Android Nougat (Android 7) version in part. Sending and intercepting SMS on all versions, deleting up to 4.4, downloading all SMS from 4.4, block SMS over 4.4 via SMS manager / Screen Locker (when locked via SMS manager, SMS is not seen only by the Holder). Permanent withdrawal of bank (fake) notifications with bank icons, the text can be set with the admin panel when you click on the message the injection is started. In the presence of injections of euro countries, they are bundled with a bot. An additional functional is possible. Android Bot Loki We want to offer a bot of our own developments. A completely new bot engine, the wishes of the customers are part of the functions of are automated, advanced functionality. Bot features: - Card grabber - Phone contacts spam - Custom numbers spam - Call to number - Incoming call forwarding - Start user applications - Automatic invoke fake notifications with custom icons - Catch, block, delete incoming SMS. Sent new SMS - Get list of user applications - Contact grabber - Screen locker - Web application browser - Bank applications searching - Browser history grabber - Socks5 module - Geolocation Admin panel: Detalized statistics of countries, app, history, sellers etc ... Ability for send command to one, list , or only new bots. IMEI search. Sort by installed applications, online, sellers, countries. Cleanup old logs Dedicated statistics for sellers. Jabber notifications. Admin panel have an ability to upload your own injects. SMS, logs searching. History links searching. Task statistiks. Additional information: Bot size: 150kb Bot is working with Android 4-7 Root permissions is NOT required for common actions. There are request for getting root permissions Root permissions required for Image phone password changing Phone password changing for All Android Nougat (All Android 7) of Post Send and catch statement SMS works on all All Android versions, the delete works only for 4.4, download and block SMS works All Android 4.4 and newest Permanent display bank notifications with custom text from admin panel. Bot have injects for euro countries. \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Loki admin panel install instructions: apt-get update && apt-get upgrade -y apt-get install apache2 libapache2-mod-php5 mysql-server php5 php5-mysql -y apt-get install default-jre default-jdk -y Debian 7: apt-get install ia32-libs lib32z1 lib32ncurses5 -y Debian 8: dpkg --add-architecture i386 apt-get update apt-get install libstdc++6:i386 libgcc1:i386 zlib1g:i386 libncurses5:i386 lib32z1 lib32ncurses5 Next: wget [Hidden Content] wget -O apktool.jar [Hidden Content] chmod +x ~/apktool.jar chmod +x ~/apktool mv ~/apktool.jar /usr/local/bin/ mv ~/apktool /usr/local/bin/ Next: unpack loki.tar to new dir. something like that: tar xf loki.tar -C /var/www/ change files owner: chown -R www-data:www-data /var/www/ Run: mysql create database loki; grant all privileges on loki.* to loki@localhost identified 'DB_PASSWORD'; grant all privileges on loki.* to loki@localhost identified by 'DB_PASSWORD'; quit import bd file loki4dev.sql: mysql loki < /var/www/site/loki4dev.sql mysql -u root -pbolonka1 loki </var/www/site/loki4dev.sql Edit: /var/www/site/db.php and enter mysql database access: db: loki db user: loki db password: DB_PASSWORD DONE!!!! address admin panel [Hidden Content] or [Hidden Content] login with name bot4fun and password J1HPbmr ...................................................................... Download: [HIDE][Hidden Content]] Password:
  10. TheFOX

    Philadelphia ransomware

    Philadelphia ransomware is a RaaS which let you create and manage your own ransomware Comes with usb spread lab spread and blah blah blah How to use 1.Download 2.Open 3.Create bridge and upload on any webhost or shelled website 4.enter bridge url bridge and create payload and change btc address and ammount Download [Hidden Content] Don't forget to give +rep ::Blackhat::
  11. This decryptor is intended to decrypt the files for those victims affected by the ransomware PyLocky This decryptor is built to be executed on Windows systems only and it does require a PCAP of the outbound connection attempt to the C&C servers. This connection is seen seconds after the infection occurs and it will contain, among other info, the Initialization Vector (IV) and a password (both generated randomly at runtime) used to encrypt the files. Without this PCAP containing these values, the decryption won't be possible. The structure of the outbound connection contains an string like: PCNAME=NAME&IV =KXyiJnifKQQ%3D%0A&GC=VGA+3D&PASSWORD=CVxAfel9ojCYJ9So&CPU=Intel%28R%29+Xeon%28R%29+CPU+E5-1660+v4+%40+3.20GHz&LANG=en_US&INSERT=1&UID=XXXXXXXXXXXXXXXX&RAM=4&OSV=10.0.16299+16299&MAC=00%3A00%3A00%3A00%3A45%3A6B&OS=Microsoft+Windows+10+Pro [HIDE][Hidden Content]]
  12. dEEpEst

    ransomware GLEAM Ransomware Attack

    Version 2.0.0

    GLEAM Ransomware Attack v2 Ransonware Private Rescue of 300 dollars Options: Encrypted key BTC DisableTaskMgr Start with windows Start Run windows shell CryptoPay payment geteway Kidnapper languages: Buy the hijacker for $ 200


  13. Download: [HIDE][Hidden Content]] Password:
  14. Download: [HIDE][Hidden Content]] Password:
  15. Download: [HIDE][Hidden Content]] Passwoord:
  16. dEEpEst

    ransomware YourRansom

    YourRansom YourRansom is an encryption tool written in Golang. It has built-in encryption parameters, random key generation, and online download of readme files. The design is based on the design idea of [Landomware]. Or in other words, this is a self-made learning [ransomware] imitation. In the next is just a new, the program is also very naive, please feel a little more painful love. Compile yourself Because YourRansom builds the encrypted configuration into the compiled binaries, if you want to use your own YourRansom, you need to adjust the parameters and compile your own YourRansom . Preparation environment YourRansom is written in Golang, and you need to prepare the corresponding Golang environment before compiling, or compile it in an online environment such as cloud9 (usually you need to install the Golang environment yourself). You can then get the source file of YourRansom from GitHub via go get: go get Configuration parameter YourRansom stores the configuration in a binary file, but it doesn't store the original data directly (it used to be, then I feel so too young, too simple and sometimes naive, so I changed to the current mode), but stored the JSON format configuration file using DES The string obtained after encryption and base64. I specifically provided a configuration generator and template file for this: YourRansom/confGen, just fill in the data in the form, and then execute confGen to get the configuration information. [HIDE][Hidden Content]]
  17. dEEpEst

    SITCON Ransomware

    [Hidden Content]
  18. yoyohoneysinger

    Ransomware Petya

  19. dEEpEst

    ransomware Ladon Ransomware

    Download: [HIDE][Hidden Content]] Password: