| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Jan 2024 17:23:50 -0500 From: hyp3rlinx <apparitionsec@...il.com> To: fulldisclosure@...lists.org Subject: [FD] RansomLord v2 - Anti-Ransomware Exploitation Tool / New Release RansomLord v2 - Anti-Ransomware Exploitation Tool [Description] RansomLord is a proof-of-concept Anti-Ransomware exploitation tool that generates PE files, used to exploit vulnerable Ransomware pre-encryption. Lang: C SHA256 : 8EA83752C4096C778709C14B60B9735CC68A5971DCDB0028A0BB167550554769 This version now intercepts and terminates malware tested from 43 different threat groups. Adding Wagner, Hakbit, Paradise, Jaff, DoubleZero, Blacksnake, Darkbit, Vohuk, Medusa and Phobus. Two are wipers Wagner and DoubleZero supposedly used against entities in the Ukraine conflict. Updated the x32/x64 DLLs to exploit ten more vulnerable ransomware Added -s Security information flag section Lamer Security engines may incorrectly flag RansomLord DLLs as malicious! They are NOT! Win32 API export functions are stubs that simply call exit(1) Generated exploit DLL MD5 file hashes: x32: DFFBE7F79077E89197334764FE6882F4 x64: 5B54E12B8B944FDF64C091B0E6588E48 [Download] https://github.com/malvuln/RansomLord/releases/tag/v2 Malvuln _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists