Satan Ransomware decrypted strings

1. Two xor decryption loops in order to decrypt the strings
2. @xorsthings
3. =======================================================
4.  
5. ollydbg
6. windbgframeclass
7. ImmunityDebugger
8. ZetaDebugger
9. Rock Debugger
10. ObsidianGUI
11.  
12. kernel32.dll
13.  
14. BlockInput --> Anti-Debug
15. IsDebuggerPresent--> Anti-Debug
16. CheckRemoteDebuggerPresent--> Anti-Debug
17.  
18.  
19.  
20. dbghelp.dll --> anti-debug
21. Sbiedll.dll----> Sandboxie detection
22. snxhk.dll ---> sandbox detection
23. api_log.dll---> SunBelt sandbox detection
24. dir_watch.dll --> SunBelt SandBox detection
25. vmcheck.dll--> Virtual-PC detection
26. wpespy.dll -->WPE Pro detection
27. pstorec.dll --> SunBelt Sandbox detection
28.  
29. ollydbg.exe
30. ProcessHacker.exe
31. tcpviewer.exe
32. autoruns.exe
33. autorunsc.exe
34. filemon.exe
35. procmon.exe
36. procexp.exe
37. idaq.exe
38. idaq64.exe
39. ImmunityDebugger.exe
40. WireShark.exe
41. dumpcap.exe
42. HookExplorer.exe
43. ImportREC.exe
44. PETools.exe
45. LordPE.exe
46. SysInspector.exe
47. proc_analyser.exe
48. sysAnalyzer.exe
49. sniff_hit.exe
50. windbg.exe
51. joeboxcontrol.exe
52. joeboxserver.exe
53. netmon.exe
54. prl__cc.exe
55. HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0
56. SOFTWARE\VMware, Inc.\VMware Tools
57. prl_tools.exe
58. VMSrvc.exe
59. VMUSrvc.exe
60. xenservice.exe
61.  
62. Identifier
63.  
64. HARDWARE\DESCRIPTION\System
65. QEMU
66. \\.\PhysicalDrive0
67. ntdll.dll
68. NtClose
69. SystemBiosVersion
70.  
71. VBOX
72. VideoBiosVersion
73. drivers\VBoxMouse.sys