English at end!
Cryptolocker encrypts all files on the victim's computer. If the victim does not pay the ransom (for example: $3,000), all files will be lost forever! Homework, personal photos/music/videos, documents, databases, bitcoin wallet.dat, source code, Power Point presentations, etc. Everything will be encrypted.
Information about what a cryptolocker is: corporate@swissjabber.ch
PM: DoctorC
A Crypto Trojan encrypts all files on a victim's computer with an unbreakable encryption. If the victim does not pay ransom (for example: $3,000) their files are lost forever! College work, personal photos/videos/music, documents, databases, bitcoin wallet.dat files, source codes, power point presentations etc… are encrypted!
Here is information on what a Crypto Trojan (Encrypting Ransomware) is: http://en.wikipedia.org/wiki/CryptoLocker
Features of Exaction Cryptolocker:
- Encryption algorithm
Exaction Crypto Locker uses military grade AES 256 bit encryption. Ensures file recovery is not possible without decryption key.
A 256 bit key is randomly generated upon execution and sent to C&C. This key is different for every computer and is not stored in binary.
Files are only encrypted once key and the user's HWID have been successfully submitted to the panel.
AES encryption cannot be cracked, and would take millions of years to bruteforce the key.
- AV software cannot decrypt files
AV software created to decrypt files does not decrypt Exaction Crypto Locker files:
+Panda Ransomware Decrypt Tool
+BitDefender Decrypt
+Kaspersky RannohDecryptor
+Kaspersky RectorDecryptor
+Kaspersky XoristDecryptor
Contact support to test against other decrypt programs
- Files in all locations are encrypted
All user files inside of all folders are encrypted if accessible (for example: whole computer all folders, MyDocs, A:\, B:\, C:\ and external media USBs etc...) except for important Windows operating system files.
- Secure file erasure (3 passes)
Securely deletes the original file to prevent recovery.
- Creates message (in a .txt)
In every folder there will be a message in Attention-User!.txt This is where the user reads instructions on how to decrypt files.
- Compatible with crypters
All crypters should work as Exaction Crypto Locker does not use EOF etc... which makes crypting problematic.
- Completely invisible
No GUI, warning etc... is shown to prevent user from becoming alarmed.
- Empties recycle bin
Recycle bin is encrypted, however this will empty recycle bin on all drives.
- Detailed information:
Coded in C++
No dependencies .net framework, java, vb6 runtimes, msvcrt100.dll
Tested Windows computer: 2000, XP, Vista, 7, 8, 8.1
Tested Windows server: 2003, 2008, 2012 (including R2)
Architecture: x32/x64
Works on any account: admin, guest, user etc...
No UAC warning
Size: ~10KB (no compression used)
Full unicode support for all languages (English, Russian, Chinese etc...)
Mutex (prevent crashes from multiple executions)
No 3rd party files or drops (no additional files are dropped, injected, or downloaded). There is just the single binary not packed with other files.
C&C Technical Features:
- All Passwords are encrypted with the RSA-alg (1024 or 2048 Bit Keys)
- The Private-Key used for decryption is encrypted with RC4 and can only be decrypted if the user logs in with the right password
- The Password used to decrypt the private key is not stored and only temp used
(conclusion so even if the server is raided or compromised the Victim-Passwords can't be decrypted)
- The Panel offers various methods to analyze the Victim-Data such as Platform, Country, Time/Date etc
What Do I Get When I Buy?
1) Trojan binary locked to C&C panel (recompile new URL by request to support)
2) Decryption program - with key from C&C is used to decrypt files
3) Free lifetime support via jabber
4) Changes, updates, and removal of any features (contact support)
5) Free bug fixes
7) Full resale rights to sell binary (contact support first)
Video of product and web panel in action
https://vid.me/e/uPf
Screen shots of C&C:
Features of C&C panel?
- Secure login to prevent recovery of decryption Passwords (user's credentials are stored encrypted)
- After login user is able to view the HWIDs (a unique serial number to identify their computer)
- After login user is able to view the Passwords (a randomly generated unique string used to encrypt files)
- Export option is to download all HWIDs and Passwords
- Delete will delete a HWID and Password
- Refresh will purge the database of all information (this should be done after you have exported the logs to prevent leakage of database)
- Theme if not required can be removed by not uploading "style.css" and the folder "images"
- Panel is completely 100% secure from SQL-I, XSS etc…
- No identifiable information is stored by the panel (IP address, visiting time, amount of visits etc…)
- Cheap VPS is preferred to prevent recovery of decryption keys, however even free hosting works as only PHP and MYSQL are required
- Bulletproof hosting is not necessary as after HWID and decryption keys have been exported the server can be formatted to prevent recovery (C&C is only needed once for 10 seconds)
- Panel is usable with Tor/proxy/VPN etc… (there are no scripts)
Prices & Payment Information
Price: $850
Customers limit: 5
Recompiles: free
Support: free
Escrow accepted
Payments will be: Bitcoin (BTC), Perfect Money(USD)
Contact Information
Jabber (XMPP):corporate@swissjabber.ch
PM: DoctorC
If language is Russian (or non-English) support and sales with private message is preferred due to language difficulties with google translate.
Other contact methods such as Yahoo messenger, Skype etc…? Please PM.
Credits: DoctorC coding, Kriminalac for PHP/CSS/design, and Phant0m for helping.
Greetz: krebsonsecurity - the whitehat with nothing better to do, suck my dick you little bitch!
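Added detection example, not part of the original post: the advertisement says a note named Attention-User!.txt is written into every folder, so a defender can alert on one process creating the same file name in many directories within a short time. The event shape (modelled on file-creation telemetry such as Sysmon Event ID 11), the process paths, the threshold and the window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ntpath import basename, dirname  # Windows path rules on any OS

NOTE_NAME = "attention-user!.txt"   # ransom-note file name given in the post
MIN_DIRS = 3                        # assumed threshold; tune per environment
WINDOW = timedelta(seconds=60)      # assumed sliding window

# Constructed sample events (time, process image, created file), shaped like
# file-creation telemetry such as Sysmon Event ID 11. Not real logs.
EVENTS = [
    ("2015-01-10T09:00:01", r"C:\Users\al\AppData\Local\Temp\inv.exe", r"C:\Users\al\Documents\Attention-User!.txt"),
    ("2015-01-10T09:00:02", r"C:\Program Files\Editor\edit.exe", r"C:\Users\al\Documents\notes.txt"),
    ("2015-01-10T09:00:03", r"C:\Users\al\AppData\Local\Temp\inv.exe", r"C:\Users\al\Pictures\Attention-User!.txt"),
    ("2015-01-10T09:00:05", r"C:\Users\al\AppData\Local\Temp\inv.exe", r"D:\Backup\Attention-User!.txt"),
    ("2015-01-10T09:00:06", r"C:\Program Files\Sync\sync.exe", r"C:\Users\al\Music\desktop.ini"),
    ("2015-01-10T09:30:00", r"C:\Program Files\Sync\sync.exe", r"C:\Users\al\Videos\desktop.ini"),
]

def find_note_drops(events, min_dirs=MIN_DIRS, window=WINDOW):
    """Return alerts for processes that write one file name into many folders.

    An alert fires when a process creates the same base name in at least
    min_dirs distinct directories inside the window. Each alert records
    whether the name is the one from the post (known_note).
    """
    seen = defaultdict(list)        # (image, name) -> [(time, directory)]
    alerted, alerts = set(), []
    for ts, image, target in sorted(events):
        when = datetime.fromisoformat(ts)
        key = (image.lower(), basename(target).lower())
        # Keep only this key's events that are still inside the window.
        recent = [(t, d) for t, d in seen[key] if when - t <= window]
        recent.append((when, dirname(target).lower()))
        seen[key] = recent
        dirs = {d for _, d in recent}
        if len(dirs) >= min_dirs and key not in alerted:
            alerted.add(key)
            alerts.append({"image": image, "name": key[1], "dirs": sorted(dirs),
                           "first_seen": recent[0][0].isoformat(),
                           "known_note": key[1] == NOTE_NAME})
    return alerts

if __name__ == "__main__":
    for alert in find_note_drops(EVENTS):
        print(alert)
```

The rule keys on behaviour rather than only on the file name, so it still fires if the note is renamed; `known_note` simply raises confidence when the name matches the one in the post.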