Characteristics:
--Small file size client.
--Builder can steal icons from another executable or load any png or ico file.
--Low antivirus detection without encryption.
--Self delete client after encryption is done.
--Encryption key is erased after encryption which makes very hard to recover the key.
--Strong encryption algorithm Rijndael large key American Government Standard.
--File extensions to be encrypted can be configured.
--Decryptor is provided (requires encryption key used at the moment of building).
--Totally configurable: client name, ransom message, ransom filename, encrypted extension, directories to be attacked, BTC address, special directories to be attacked.
--Unique Dynamic key per client.
--Persistence, melting, auto obfuscation, send deceiving message while encrypting.
--Low detection profile (bypasses defender - see video).
--Automatic internet updates.
--Runs from Win7 and up.
Edited by Aesculapius, 31 January 2021 - 05:27 PM.