a1project
ACTIVE ransomware group
The locker is written in C/C++/ASM.
It supports all systems starting from Windows 2003, has a separate binary for ESXi, and uses a unified encrypted file format across all systems.
WINDOWS:
 • Two encryption modes: patch-based and file header.
 • Extensive configuration settings: from ignoring specific paths/extensions to terminating services/processes, unlocking occupied files, working with network shares, and more.
 • Arguments available for shutting down Hyper-V virtual machines, deleting backups, network scanning with logged-in user tokens.
 • Each build includes an obfuscated PowerShell script.
 • Execution is password-protected.
 • The locker itself is shellcode for x86/x64; if you have custom execution methods, we can provide the shellcode.
ESXI:
 • Encrypts files in patches, with configurable path exclusions.
The default configuration is pre-set to avoid disrupting Windows/ESXi/Linux systems.

Our commission is 20% of payouts
0
—
Apr 13, 2026
Victims (0)
No victims recorded
Infrastructure
No sites tracked