      dEEpEst

      pycryptor Ransomware

      pycryptor

      A short, sweet, PoC Python Ransomware (+ a file vault for protecting the user's files) using Advanced Encryption Standards. The program uses AES-GCM-256 for its work.

      This topic is now closed to further replies.

      • Similar Content

        • By shahg
          Hi, anyone has Stampado ransomware? Kindly share it. Thx
        • By itsMe

          DeathRansom - A Ransomware Developed In Python, With Bypass Techniques, For Educational Purposes
          What is a ransomware?
          A ransomware is malware that encrypts all your files and shows a ransom request, which tells you to pay a set amount, usually in bitcoins (BTC), in a set time to decrypt your files, or he will delete your files.
          How does it work?
          First, the script checks if it's in a sandbox, debugger, VM, etc., and tries to bypass it.
          It then encrypts all files starting with the directory defined on line 60 in deathransom.py.
          Then it downloads the ransom request script, disables cmd, Task Manager and the registry tools, and starts the counter to delete the files.
          Bypass Techniques
              Anti-Disassembly
          Creates several variables to try to make disassembly difficult.
              Anti-Debugger
          Checks if a debugger is active using the ctypes function: windll.kernel32.IsDebuggerPresent()
              Anti-Vm
          Checks if the machine's MAC is the same as the standard VMs' MAC.
              Anti-Sandbox
              Sleep-Acceleration
          Some sandboxes speed up sleep; this function checks if nothing out of the ordinary has occurred.
              Sandbox in Process
          Checks if there is any sandbox among the running processes.
              Display-Prompt
          Shows a message; if the user interacts with the pop-up, the malware will be executed.
              Idle-Time
          Sleeps for a while and proceeds. Some sandboxes wait for a while and stop running; this tries to bypass that.
              Check-Click
          If the user does not click the necessary number of times, the malware will not be executed.
              Check-Cursor-Pos
          If the user does not move the mouse in a set time, the malware will not be executed.

        • By itsMe

          Ransomware Defender
          Scans, Detects and Protects
          from Ransomware Malicious Attempts!
          Overview
          ShieldApps’ Ransomware Defender deals with known ransomware in a way no other solution can. Specially designed for detecting and blocking ransomware prior to any damage, Ransomware Defender blacklists and stops both common and unique ransomware. Once installed, Ransomware Defender stands guard 24/7 utilizing active protection algorithms enhanced with user-friendly alerts and notifications system.
          Ransomware Defender is fully automated, taking care of all threats via an advanced Scan > Detect > Lock Down mechanism that proactively stands guard to detected threats, and works alongside all main antiviruses and anti-malware products!
          Ransomware Defender also features a scheduled automatic scan, secured file eraser, lifetime updates and support!
          NEW! – added protection from online threats! Ransomware Defender will block malicious websites and online scripts from attacking your computer.
        • By itsMe

          What is nodeCrypto?
          nodeCrypto is a Linux ransomware written in NodeJs that encrypts predefined files.
          This project was created for educational purposes; you are solely responsible for the use of nodeCrypto.
          To Do
              GUI exe creator
                  Edit basic variable
                  Export cross-platform
              Client (victim)
                  Encrypt webserver
                  Use private key for encryption
                  Adapt SSL
              Server
                  Recover data (user + encrypted file)
                  Format the database
                  Make GUI for webserver
              Make an executable to decrypt the files (Only on request! Contact me)

        • By dEEpEst
          Verci Spy System RAT | Ransomware | NSA Exploits | UAC | Spread
          Verci Spy System  OR Verci_Spy_System
          This tool was designed by us. This tool is a Remote Access Trojan with which you can take any Windows machine under your control and do many things within that infected PC. The infected PC will also have a virus that spreads rapidly via USB sticks and makes other, safe PCs infected too, by inserting the USB stick into them and clicking any of the shortcuts, and so on. The tool was designed for some educational purposes and some testing of PC security, and we are not responsible for any illegal use of it. This tool is also designed for better hacking visual effects that can give you the feeling of a real hacker; you can use it in hacking movies, and it has some animations and a localization map for detecting victims all over the world. Verci wasn't cracked after its trial version was released, but the installer wasn't cracked before, also our XPR Tool, but we will not make the same mistake and will not release any trial version for free.

          These are the program options available once you have taken control of the infected PC:
          1-UAC (User Access Control) Manager (Enable or Disable)
          2-Open remote Webcam / Microphone
          3-Control Remote Desktop
          4-File Manager Controller
          5-Process Manager
          6-Regedit Controller
          7-Services Manager
          8-Devices & Printers Viewer
          9-Active Windows Manager
          10-View Remote WiFi Networks
          11-View Saved WiFi Passwords
          12-Ransomwares [You Have 2 Ransomwares] (Try any one you wish)
          13-WiFi Hotspot Creator [Use any other device to check the Hotspot]
          14-Lan Computer Manager [Lan Spread (Premium Only)]
          15-Network Connections/Drivers Manager
          16-Scan Remote websites ports
          17-Scan Lan network devices ports
          18-Manage installed Programs
          19-Unmovable chat system
          20-Clipboard Manager [Images & Text] (Set & Get Clipboard)
          21-Remote Command prompt
          22-Code Compiler
          23-Saved Password Stealer (Updated)
          24-Remote Keylogger (Offline/Online)
          25-DDOS Attack Manager / Http Flooder
          26-Full Computer information Manager
          27-(Installed Python Scripts)
              a) This option allows you to install the Sqlmap script on the client PC and hack any infected sites using it. This way the client PC will be saved in the site logs, not your PC
          28-Run File (From Disk/Url)
          29-Open Url (Default Browser) [Or] (Any Browser)
          30-Automatic Victim Transfer Option [Transfer to any host or external IP]
          31-NoIP Updater
          32-Ransomware Builder [Build own Ransomware with your own Bitcoin]
          33-Notify With Client Webcam image
          34-Spam options:
              a) You can open a fake Facebook login page on the client PC and grab passwords in the keylogger
              b) You can open a fake Paypal login page on the client PC and grab passwords in the keylogger
              c) You can open a fake Visa card number confirmation page on the client PC and grab information in the keylogger
          36-Auto Share Client Drivers over Lan

          Ransomware Builder Manager:
          This is the scheme of the ransomware:
              *) Generates a random password of 15 randomly chosen characters
              *) Starts encrypting all files that exist in the user directory using the password
              *) Kills explorer.exe
              *) Kills Microsoft.Exchange
              *) Kills MSExchange
              *) Kills sqlserver.exe
              *) Kills sqlwriter.exe
              *) Kills mysqld.exe
              *) Deletes all Shadow copies
              *) USB spread (shortcut) [.lnk]
              *) Keeps looping to encrypt all files that exist in other drives using the password

          Available Trojans: 2 Trojans - 2 Downloaders:
              a) Full Control (Size: 400 Kilobytes)
              b) Worm Control (Size: 170 Kilobytes)
              c) .exe Downloader (Size: 11 Kilobytes)
              d) .vbs Downloader (Size: 909 Bytes)

          Preview Image 1:
          You can now enter a free port: choose Manual and click OK.
          Preview Image 2: Fast Look
          To exit fullscreen, press "Click To Restore".