GitHubRansomware
Open-source ransomware published on GitHub: github.com/nguyenvietphat/Ransomware. It is .NET-based, uses AES+RSA hybrid encryption, and deletes VSS shadow copies with vssadmin/wbadmin/wmic. It was published for educational purposes but can be used for real attacks.
Threat Profile
Type: Ransomware
Programming Language: C#/.NET
C2 Protocol: custom
First Seen: 2023
Targets: Global
Purpose / Capabilities
- Ransomware (Educational)
No C2 servers have been identified for this family yet.
Research Reports (1)
GitHubRansomware 3ea6df18 -- nguyenvietphat-Ransomware AES-RSA-encrypt vssadmin-delete-shadows wbadmin-delete-catalog-quiet winget-git-install svchost-exe ToBase64String torrent-spreading | Medium
GitHubRansomware 3ea6df18 PE32 .NET x86 289KB. Open source: github.com/nguyenvietphat/Ransomware. AES+RSA. vssadmin delete shadows + wbadmin delete catalog. svchost.exe.