https://github.com/chibraax/ransomware

Ransomware written in Python3.x
https://github.com/chibraax/ransomware

decryption-key encrypted-files encryption-key gui hack hacking python3 ransomware registre

Last synced: 12 months ago
JSON representation

Ransomware written in Python3.x

• Host: GitHub
• URL: https://github.com/chibraax/ransomware
• Owner: Chibraax
• Created: 2020-07-09T12:31:11.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2020-07-19T10:18:59.000Z (over 5 years ago)
• Last Synced: 2025-01-29T18:22:35.213Z (about 1 year ago)
• Topics: decryption-key, encrypted-files, encryption-key, gui, hack, hacking, python3, ransomware, registre
• Language: Python
• Homepage:
• Size: 179 KB
• Stars: 3
• Watchers: 0
• Forks: 5
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          


# Ransomware Bad Buffoon

Ransomware written in Python3.x

Only works on windows

Can encrypt files with this extension : ['txt','jpg','jpeg','png','docx','doc','gif','html','ico','mp3','mp4','odt','odp','ods','odg','pdf','ppt','pps','pptx','py','zip','tar','md','xls','xlsx','wav','xml','log','exe']

# Dependencies : 

  

  Cryptography

  

  PIL

  

  pyperclip

  

 

 # How the ransomware works ? 

 

  1- Try to find the windows letter partition and create a folder named 'test' into  {}\\Users\\{}\\Appdata\\ 

  

  2- Then download images from Internet 

  

  3- Generate the encryption key 

  

  4- Send the encryption key to the server 

  

  5- Encrypt files and rename them with '.encrypted' 

  

  6- Change wallpaper with a dirty buffoon

  

  7- Send the ransomware file into our folder

  

  8- Add/Check the key in the registre for launch ransom every time victim turn on computer

  

  9- Create a note in Desktop

  

  10- Generate a Identification Key and save it into our folder

  

  11- Write the deadline into a file

  

  12- Launch the GUI 

  

# If decryption key is right :

  1- Decrypt files and rename them without '.encrypted'

  

  2- Delete our folder and delete the key in the registre 

  

# If victim cross the deadline : 

  Delete encrypted files

  

  

  

# Weekness 

  Pretty slow to encrypt big data

  

  Internet connection is fundamental

  

  Can't spread throught a network

  

  If encrypted files are moved or renamed, decryption will probably fail 

  

  

# Server 

  Listen for any connection 

  

  When a connection pop create a file with the IP target , decryption key , time

  

  

  

# If you want use this ransomware 

  Edit line 36 and 37 to setup the ip and port of your server  

  

  Edit line 148 to change the directory to encrypt

  

  Edit the 'check_files' function at line 253 

  

  Edit line 288 

  

  Edit line 606/625/662 to set up your bitcoin address

  

  Edit line 690 to setup the direcotry to decrypt

  

  Edit line 43 on server_ransomware.py to set your path 

  

  If you want to make a executable of this ransomware type : pyinstaller -w --onefile --hidden-import='pkg_resources.py2_warn' ransomware.py