This repository has been archived by the owner on Oct 18, 2021. It is now read-only.

Files not encrypting #15

Open
saranindia opened this issue Feb 11, 2017 · 15 comments

Comments

@saranindia

I am new to golang, and I am able to make the exe. When I ran it, it's throwing files like SID and files encrypted.

Problem: it's not encrypting all files on the desktop or any other folders.

Am I missing anything?

I can see a message that it encrypted 3 .INI files, but I'm not sure what's wrong.

Please suggest.

@mauri870
Owner

Hi @saranindia, possibly your file extensions or sizes do not match those specified in cmd/common.go. Please take a look.

If this is not the problem, please remove the -h windowsgui from the makefile and compile it again, so it will show any errors in the terminal window.

@saranindia
Author

Thanks for the reply. I noticed access denied errors on the C and D drives, and then it exits. Is there any way to bypass?

Thanks

@mauri870
Owner

You can see here that it already invokes admin rights during execution.

@saranindia
Author

I realized it supports only type="win32" 32-bit. How do I make it work for 64-bit?

Please suggest.

Thanks

@saranindia
Author

I can see only the files below are encrypted. It seems something is wrong. I am not sure what exactly it is.

C:$Recycle.Bin\S-1-5-21-1092494081-4091530594-4120074157-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1109832789-867174847-3869365320-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-11469178-268846834-3355212150-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1186436836-991183251-254415931-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1332031369-4077291013-252599354-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1394699415-2529089345-1032748157-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1587740809-3486930567-1934998259-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1642604442-3317231784-624476322-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1690838414-409982047-654921158-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1697780879-2416489769-2381024049-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1944861799-3346146234-2947993893-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-1839525834-3267607786-3760620021-500\desktop.ini
C:$Recycle.Bin\S-1-5-21-2517250001-2993054938-2187105728-500\desktop.ini

@mauri870
Owner

mauri870 commented Feb 13, 2017

It's supposed to work on 32 and 64 bits; I keep the x86 version to ensure the compatibility of the two architectures.

About the files, on common.go you can see that it's already ignoring files on the $Recycle.Bin folder. This behavior seems a bit strange 😕

@saranindia
Author

Made some changes and it's working now.

Is there a way I can add code to automatically open/show the HTML (decrypt) instructions once the program has run?

@mysecurecode

Hi @mauri870, I already followed your instructions to build the binaries, but I got stuck when running the make command. I would very much appreciate it if you could help me identify the problem. Please look at the output below:

sysadmin@ransom-cnc:~/.go/src/github.com/mauri870/ransomware$ make
mkdir -p /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/ransomware
mkdir -p /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/server
mkdir -p /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/unlocker
openssl genrsa -out /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/server/private.pem 4096
Generating RSA private key, 4096 bit long modulus
..........................................................++
..........................................................................................................................................................++
e is 65537 (0x10001)
openssl rsa -in /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/server/private.pem -outform PEM -pubout -out /home/sysadmin/.go/src/github.com/mauri870/ransomware/client/public.pem
writing RSA key
rsrc -manifest ransomware.manifest -ico icon.ico -o /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/ransomware/ransomware.syso
Manifest ID: 1
Icon icon.ico ID: 20
cp /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/ransomware/ransomware.syso /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/unlocker/unlocker.syso
cp -r cmd/ransomware /home/sysadmin/.go/src/github.com/mauri870/ransomware/build
cp -r server /home/sysadmin/.go/src/github.com/mauri870/ransomware/build
cp -r cmd/unlocker /home/sysadmin/.go/src/github.com/mauri870/ransomware/build
cd /home/sysadmin/.go/src/github.com/mauri870/ransomware/client && perl -pi.bak -e 's/INJECT_PUB_KEY_HERE/echo -n "\n"; cat public.pem/e' main.go
cd /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/server && perl -pi -e 's/INJECT_PRIV_KEY_HERE/echo -n "\n"; cat private.pem/e' main.go
cd /home/sysadmin/.go/src/github.com/mauri870/ransomware/build/server && env GOOS=linux go run $GOROOT/src/crypto/tls/generate_cert.go --host localhost
stat /src/crypto/tls/generate_cert.go: no such file or directory
make: *** [pre-build] Error 1

@mauri870
Owner

mauri870 commented Mar 4, 2017

@mysecurecode Please check if your $GOROOT variable exists and points to the root of the Go src tree.

@mauri870
Owner

mauri870 commented Mar 4, 2017

Also have a look at the Go installation docs.
You can use Docker too, which I recommend.

@mysecurecode

@mauri870 thank you for the guide, the issue has been fixed.
Thanks!

@merahawan

@saranindia @mauri870 Hi guys, I'm facing the access denied issue. How do I fix it? I'd appreciate your suggestions.

@mauri870
Owner

I think you need to run as administrator to allow Go to touch these directories.

@AguNnamdi

I have just created the three binaries (ransomware.exe, server, unlocker.exe) but I'm stuck.
How do I start the server in my Kali VM and make ransomware.exe run on a Win7 VM on a macOS host?
The path to the server in Kali is /goproject/github.com/mauri870/ransomware/bin/server/
I ran ./server in the current working directory but nothing showed up, as if it was waiting for a connection.
Then I went to https://localhost:8080, then nothing again.
I double-clicked on ransomware.exe on my Win7, nothing. It doesn't even show that the process is running.
Where have I gone wrong? What command should I use to start the server? Thank you in advance.

@Gembeltz

Gembeltz commented Sep 1, 2018

hi mauri, hi all..
what about this problem
screenshot from 2018-09-01 16-38-35
