For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp
[Selling] Cryptolocker :: Ransomware [Offline Ver., Online Ver., Native, С++]
08-01-2019, 04:56 AM,
Post: #1
Cryptolocker :: Ransomware [Offline Ver., Online Ver., Native, С++]
[Image: crlock-advert.png]

========================================
CRYPTOLOCKER [OFFLINE_VERSION, all WIN, С++]
========================================

NOTE
A QUICK and EASY build of offline cryptolocker, correctly encrypted/injected by a non-resident loader, will provide you with a 100% PROFIT.

DESCRIPTION
Quote:With high-quality cryptography, with a protector, with an injection into the process - absolutely imperceptible, very fast.
- -
  • Native, written in C++, without dependencies and other junk.
  • Works on all versions: Windows + Windows Server.
  • Do not need admin rights, bypass the default UAC.
  • Perfectly crypting, does not contain overlays, does not use settings storage resources.
  • Low weight (max 380 kb), the requirement is repeatedly encrypted and sewn in the build.
  • Implemented skip Windows service directories.
  • Strong encryption algorithm, a random key for each file is IMPOSSIBLE to decrypt!
  • Your master key: RSA-2048. Personal key for each machine: RSA. File Encryption: AES.
  • Scans all writeable drives connected to your computer.
  • Pre-encrypt files after reboot, if necessary.
  • Shadow copies are encrypted. Unable to recover files from shadow copies and restore points.
  • A large array of file types for encryption: configured when building a build.
  • It does not communicate with the server, it is completely autonomous.
  • Two options of encryption, in part or in full: configured when building the build
  • With partial encryption, only the first 64 kb of the file is encrypted, if the file is <64 kb, then it is entirely.
  • With full encryption - the entire file is encrypted.
  • When encrypting in each directory creates a requirement, and the desktop - only after completion.
  • The kit includes utilities: complete decryption, decryption of a single file, and key generation + video + description.

FROM YOU
Your data: your name, list of extensions, text, BTC, redemption amount, Jabber or E-mail.

ADDITIONALLY
There is a video of the work of the cryptolocker and the decryption of the locked machine. I will explain all the nuances.
Rebuild (change: extensions, list of file types, text) - $30

PRICE FOR OFFLINE VERSION - $150


===================================================
CRYPTOLOCKER, WEB-PANEL [ONLINE_VERSION, all WIN, С++]
===================================================

NOTE
Build of online cryptolocker is RECOMMENDED for work on a dedicated server, since it makes requests to the network (to the panel).

DESCRIPTION
Quote:It is possible to independently change the text of the requirement; check-in to the panel and generation of the decryption key.
- -
  • Native, written in C++, without dependencies and other junk.
  • Works on all versions: Windows + Windows Server.
  • Do not need admin rights, bypass the default UAC.
  • Perfectly crypting, does not contain overlays, does not use settings storage resources.
  • Low weight (max 380 kb), the request is received from the server.
  • Implemented skip Windows service directories.
  • Strong encryption algorithm, a random key for each file is IMPOSSIBLE to decrypt!
  • Your master key: RSA-2048. Personal key for each machine: RSA. File Encryption: AES.
  • Scans all writeable drives connected to your computer.
  • Pre-encrypt files after reboot, if necessary.
  • A large array of file types for encryption: configured when building a build.
  • Check-in to the panel only after the start of encryption.
  • Receives the necessary data from the server.
  • Two options of encryption, in part or in full: configured when building the build
  • With partial encryption, only the first 64 kb of the file is encrypted, if the file is <64 kb, then it is entirely.
  • With full encryption - the entire file is encrypted.
  • When encrypting in each directory creates a requirement, and the desktop - only after completion.
  • The kit includes: a web panel, utilities for full decryption + decryption of a single file, video + description.

FROM YOU
Link to host web panel.

ADDITIONALLY
There is a video of the work of the cryptolocker and the decryption of the locked machine. I will explain all the nuances.
I will assist in the installation of a web panel on a bulletproof hosting.
Rebuild (change: extensions of encrypted files, list of file types, link to host) - $30

PRICE FOR ONLINE VERSION - $150


---- CONTACTS ----
Selling here: market.ms (bay0net)
Jabber: bay0net@404.city, zagzig@exploit.im [OTR]
Telegram: @bay0net [PGP]
Message to PM: [PGP]


Public PGP Key

INFO
Quote:We generate maximum profit with the help of cryptolocker.
===========================================================
Cryptolocker is an extortionist cryptographer, with an action algorithm aimed at forcing the encryption of computer files according to a certain list of extensions.
While running on the victim's computer, the crypto-fiber encrypts all files according to the list of extensions and uploads the redemption file to each directory it visits.
The redemption file contains text explaining the reasons for encryption, as well as the amount of the ransom for decryption and the contacts of the owner of the cryptolocker (e-mail or jabber).
After encryption, the cryptolocker will be deleted, leaving the encrypted files.
Files are encrypted with a robust algorithm. After encryption, they MUST NOT be decrypted without a special key, which in turn can only be obtained using the decryption key from the owner of the cryptolocker.

Actually, earnings is reduced to the distribution of cryptolocker on computers or servers of potential victims and the further collection of ransom for decrypting files. Decryption of files is carried out by a special utility that comes with a cryptolocker. The victim of the encrypted computer sends the key-file to the e-mail or jabber specified in the request and after payment receives the key and the descrambler with which it decrypts the encrypted files.

The most common ways of delivering cryptolocker to the victim's computers
=================================================================
+ Social engineering, cold calls, followed by mailing
+ Mailing: docx or pdf (exploit)
+ Search engines: Google, Yandex
+ Search and bruteforcing fatty dedikov
+ Installing loader through shadow services
+ Own virus landing page or web directory on the Internet.

... indicated the most basic ones, although there are much more of them, there are private ways that cost money. Which one you choose is a matter of taste. I have arranged ways to increase both the profit and the investment in them of additional funds. Each method requires a separate tremendous article with its own nuances and "pitfalls".

Example: if you use foreign dedicated server (servers of organizations, firms) with subsequent encryption with a cryptolocker - the price tag starts from $2000.

!!!IMPORTANT!!!
1. I agree to the guarantor
2. Stupids do not sell
3. In the correspondence, use encryption, Public PGP-key above
4. For each cryptolocker (ransomware) I give out LOADER NON-RESIDENT * [~3kb], THE FIRST FREE CRYPT **

* LOADER NON-RESIDENT
Quote:The non-resident algorithm is placed entirely in the executable file, in connection with which it is activated only when it is launched, and when the necessary instructions are executed, it returns control by deleting the executable file (media) from the ROM. As a rule, it is activated only for a short time.
The resident algorithm differs from the non-resident one in that after launching the executive file (carrier) it “settles” in the operative memory (RAM), being fixed in the processes.
--
The issued non-resident loader does not provide penetration into protected systems and does not pass the protection of the AV. Needs encryption (only for scantime).
As is, it is recommended only for work on Dedicated servers or computers without AV. It is very convenient for working with cryptolocker (ransomware) when the latter is laid out on the host.

** CRYPTOR CRYPT [updated stub]
Quote:= possible encryption parameters =
+ input NATIVE, .NET, x32/x64
+ dependence on .Net (v2.0, v4.0)
+ up to 3 detectors
+ lifetime up to 12 hours
+ execute cmd-command
+ Inject in process (6 ways)
+ gluing (inject/drop)
+ launch delay
+ parameters: Melt, AntiVM, Persistence, Disable WinDefender, Adding icons/information

POSSIBLE SETTINGS WHEN ASSEMBLING BUILD
Quote:+ extension for encrypted files
+ list of extensions of encrypted files
+ encryption algorithm (RSA-AES, affects speed)
+ encryption method: entire file or part
+ number of file-requirements
+ names to file-requirements
+ text of the file-requirement (only for offline ver.)
+ file-key directory (only for offline ver.)
+ file-key name (only for offline ver.)
+ autoload (on/off)
+ geomodule (on/off, countries)
08-16-2019, 10:19 AM,
Post: #2
RE: Cryptolocker :: Ransomware [Offline Ver., Online Ver., Native, С++]
Added the ability to generate shortcuts with a link to the .onion resource, instead of requirements-files.
--
For a cryptolocker (offline version), you can organize the work as follows: when crawling the directories of the attacked machine, the cryptolocker will generate not requirements-files with text, but files of the type OpenTheTorBrouser.html, with a link to the .onion resource: this will be a simple info page (possibly with the organization of receiving BTC, and anything else).
--
What does this give for the offline version of the cryptolocker? - no need to rebuild the cryptolocker if you want to change the text.
All rights reserved © 2012-2015 OffensiveCommunity, Designed at WallBB Co Uk