Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/darxisr/cryline-v3.0

Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes only. The author is't responsible for your actions.
https://github.com/darxisr/cryline-v3.0

aes-encryption assembly cplusplus dotnet encryption malware programming ransomware security source-code windows

Last synced: 23 days ago
JSON representation

Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes only. The author is't responsible for your actions.

Host: GitHub
URL: https://github.com/darxisr/cryline-v3.0
Owner: DarxiSR
License: mit
Created: 2021-02-14T15:33:29.000Z (almost 4 years ago)
Default Branch: main
Last Pushed: 2024-06-27T02:27:30.000Z (7 months ago)
Last Synced: 2024-06-27T04:52:36.071Z (7 months ago)
Topics: aes-encryption, assembly, cplusplus, dotnet, encryption, malware, programming, ransomware, security, source-code, windows
Language: C#
Homepage: https://t.me/Darxis
Size: 3.38 MB
Stars: 5
Watchers: 1
Forks: 5
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: SECURITY.md

Awesome Lists containing this project

README

------------------
# INFORMATION #
------------------

## Contact
* Email: [email protected]
* Telegram: @Darxis
* Jabber: [email protected]
* HackTheBox: https://www.hackthebox.eu/profile/37928
------------------

## Encoder
* IDE: Visual Studio 2013 (Ultimate)
* Language: C# (.NET)
* OS Support: Windows XP, Windows 7, Windows 8, Windows 10
* Components: .NET Framework 4.5+
* Details: This malware encrypts all files on disk C/D/E/I...etc
* Additionally: This malware using AES-256 cipher. ATTENTION! I didn't implement the encryption key storage function!
* Info: Please, open this malware in the virtual machine. Thanks.
------------------

## SHELLBUILDER
* IDE: Visual Studio 2013 (Ultimate)
* Language: C# (.NET)
* OS Support: Windows XP, Windows 7, Windows 8, Windows 10
* Components: .NET Framework 4.5+
* Details: This utility will convert any file to shellcode, which can extract the LOADER component.
* Additionally: This utility using BASE64 hash-function to create shellcode.
* Info: Utility IS NOT dangerous. You can run and test without Virtual Machine!
------------------

## BOOTLOADER
* IDE: Visual Studio 2013 (Ultimate) OR Dev-C++ AND FLAT-Assembler(FASM)
* Language: C++ AND Assembler
* OS Support: Windows 2000, Windows XP, Windows 7, Windows 8, Windows 10
* Components: Microsoft Visual C++
* Details: This malware patched Master Boot Record
* Additionally: ATTENTION! This malware is VERY dangerous because it modifies the OS boot modules
* Info: Please, open this malware in the virtual machine. Thanks.
------------------

## LOADER
* IDE: Visual Studio 2013 (Ultimate)
* Language: C# (.NET)
* OS Support: Windows XP, Windows 7, Windows 8, Windows 10
* Components: .NET Framework 4.5+
* Details: This malware - it's a simple dropper. He's extracted bootkit and encoder in the TEMP folder and execute them
* Additionally: ATTENTION! Malware works is very quickly. Infects OS in a couple of minutes and modifies the registry keys!
* Info: Please, open this malware in the virtual machine. Thanks.
------------------

## FRAMEWORKS
* It's a simple package where the utilitis necessary for compilation and for the successful operation of the malware are located.
------------------

## WORM
* IDE: Visual Studio 2013 (Ultimate)
* Language: C# (.NET)
* OS Support: Windows XP, Windows 7, Windows 8, Windows 10
* Components: .NET Framework 4.5+
* Details: This malware infected files which useing .NET Framework
* Additionally: ATTENTION! Malware works is very quickly. Infects OS in a couple of minutes and modifies the registry keys!
* Info: Please, open this malware in the virtual machine. Thanks.
------------------