> an advanced and stable multi-platform locker/unlocker (Windows, Linux, ESXi) with the following features is for sale:
> Cross-platform Features (all variants):
- modular project in pure C++, zero code reuse, full ground up build
- command line argument support for overwriting default settings
- compiles in 2 modes:
  - debug mode: prints all debug messages on console output, for dev purposes
  - operational mode: suppresses all debug messages and removes debug strings from binary, for real attacks
- hybrid encryption via custom chacha20 + RSA 4096 (random key per-file)
- Secure random key generation for symmetric key (irreversible)
- Multi-threaded encryption & directory recursion
- Smart file encryption mode using 3 tier auto model (configurable):
• small files - full encryption
• medium files - head/tail encryption
• large files - chunked interval encryption
- Encryption benchmark for speed test (only accurate if exfiltration module is not enabled)
- Custom ransom note
- Self-destruction
- Terminates conflicting processes & services
- mutex support
- Generate encryption report file (contains a list of all encrypted files with size & total size/number)
- reboot after encryption
> Windows Specific Features:
- multi-threading via windows threadpool and asynchronous I/O using IOCP
- Set process & thread priority to real-time
- Terminates process/services with SYSTEM privileges (Trusted Installer)
- supports DLL block policy: restarts the process and blocks non-microsoft DLLs
- compile-time string & config encryption with custom algorithm, no static clear-text strings in final binary (except for debug messages if compiled in debug mode)
- Anti-debugger: exits on detection
- dynamic API call (for most APIs) via custom resolver & compile-time API hashing
- disables ETW (in-process)
- Clear event logs
- Delete volume shadow copy and windows backups
- can selectively encrypt local & removable drive, network shares or both
- Set icon & change wallpaper
- Disable windows defender AV and/or bypass tamper protection if possible
- Language, region & timezone check
- Self-propagation in Active Directory via creds or access token (PsExec method)
- AD self-propagation is wormable (with username/password keeps auto-spreading from all endpoints without interaction)
- Remote file encryption over SMB on /24 of internal network via access token or creds (e.g., \\IP\C$\.. )
- Automated file exfiltration over HTTP with python server and web interface for monitoring (works in local and self-propagation modes)
- Supports expiration date in 2 modes:
  - number of days from compile time (N days from compile date)
  - exact date set (mm/dd/yy)
> ESXi Specific Features:
- Automatic VM force-stop and snapshot removal
- Statically compiled libraries (no dependency issues across different versions)
- Persistence via cron jobs
- Special encryption mode for ESXi machines with very large VM files
> Demo videos:
- single windows host demo:
Watch single_demo | Streamable
- Active Directory self-propagation demo:
Watch domain_demo | Streamable
- ESXi demo:
Watch esxi_demo | Streamable
- Linux demo:
Watch linux_demo | Streamable
>> Initial price: $40K
>> payment via escrow only
*** plz don't waste my time, only real buyers ***
- everything you need to know and see is in the demo videos
- if you are interested DM me or reach out via:
tox ID:
02B45B82EAD67AEDDC0879940088600FA9DD6356CD00BAF05121720591DA603E5EE1C276FF3A