malware POC Windows ransomware - Go lang

[weaver]

This project was developed for the Computer Security course at my academic degree. Basically, it will encrypt your files in background using AES-256-CTR, a strong encryption algorithm, using RSA-4096 to secure the exchange with the server, optionally using the Tor SOCKS5 Proxy. The base functionality is what you see in the famous ransomware Cryptolocker.

The project is composed by three parts, the server, the malware and the unlocker.

The server store the victim's identification key along with the encryption key used by the malware.

The malware encrypt with a RSA-4096 (RSA-OAEP-4096 + SHA256) public key any payload before send then to the server. This approach with the optional Tor Proxy and a .onion domain allow you to hide almost completely your server.

GitHub - mauri870/ransomware: A POC Windows crypto-ransomware (Academic). Now Ransom:Win32/MauriCrypt.MK!MTB

A POC Windows crypto-ransomware (Academic). Now Ransom:Win32/MauriCrypt.MK!MTB - GitHub - mauri870/ransomware: A POC Windows crypto-ransomware (Academic). Now Ransom:Win32/MauriCrypt.MK!MTB

github.com