Skip to content
/ izi-locker Public

implementation of crypto-locker malware targeting unix systems

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SharpMan/izi-locker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
Makefile
Makefile
 
 
README.md
README.md
 
 
aes256.c
aes256.c
 
 
aes256.h
aes256.h
 
 
dump_sample.txt
dump_sample.txt
 
 
file.c
file.c
 
 
file.h
file.h
 
 
main.c
main.c
 
 

Repository files navigation

Synopsis

This is a simple variation of crypto-locker such as TeslaCrypt and Cryptor which aims to target data-file (amv,mp3,pdf,etc..).

The process begins by :

  • Recursive directory scan
  • List of sensitive files targeted
  • Encrypting each file content with AES256 or RSA-2048 using a unique key
  • Renaming the file with a random name
  • Sending the path, old name, new name, and encrypting key to the malware server

######Note 1: I didn't use PKCS#5 padding since it slows down the process.

I rather ignore the last block of file which is not dividable by 16.

######Note 2: The encryption process and manipulation of data are done in the CPU register instead of RAM.

This will accelerate and smooth data access.

Plain-text resources

Remove “Your personal files are encrypted” ransomware

KillDisk Ransomware Targets Linux; Demands $250,000 Ransom, But Won't Decrypt Files

Los Angeles College Pays Hackers $28,000 Ransom To Get Its Files Back

Acknowledgments

  • Hal Finney's AES256 implementation

About

implementation of crypto-locker malware targeting unix systems

Topics

malware locker malware-samples filelock

Resources

Readme
Activity

Stars

0 stars

Watchers

5 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages