Project author: 1d8
Project description:
Nimlang "Ransomware" Malware For Linux
Language: Nim
Project URL: git://github.com/1d8/bstry.git
Bstry - Nimlang “Ransomware” Malware
This malware will:
- Cycle through all files in a user’s /home/ directory & add them to a list
- Cycle through that list & get the number of lines in each file, then generate a random number between 1 & that number of lines. The random number determines how many lines of the file are encrypted.
  - EX: Say a file has 36 lines. We generate a random number between 1 & 36 and get 24. We will encrypt the first 24 lines of that file.
- The encryption key is a combination of 3 things:
  - The first line of the file to be encrypted (so technically, the key used to encrypt each file would be different)
  - The current working directory from which the malware is run
  - The current user’s username
The encryption algorithm used is xxtea.
This malware is currently coded to work only on Linux machines.
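A defender-side check for the on-disk pattern described above (a file whose first lines are encrypted while the rest stays readable), added here as an example and not part of the bstry project. It assumes the ciphertext is written to the file as raw bytes; `WINDOW`, `THRESHOLD` and all function names are illustrative, and the sample input is constructed.

```python
import hashlib

WINDOW = 64        # bytes examined at a time (assumed tuning value)
THRESHOLD = 0.30   # share of non-text bytes that marks a window as ciphertext-like

# Printable ASCII plus tab, LF and CR count as ordinary text.
TEXT_BYTES = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


def non_text_ratio(chunk: bytes) -> float:
    """Fraction of bytes in chunk that are not printable ASCII or whitespace."""
    if not chunk:
        return 0.0
    return sum(b not in TEXT_BYTES for b in chunk) / len(chunk)


def encrypted_prefix_len(data: bytes) -> int:
    """Length in bytes of the leading run of ciphertext-like windows."""
    offset = 0
    while offset < len(data):
        if non_text_ratio(data[offset:offset + WINDOW]) < THRESHOLD:
            break
        offset += WINDOW
    return min(offset, len(data))


def looks_partially_encrypted(data: bytes) -> bool:
    """True when a ciphertext-like head is followed by an ordinary text tail."""
    head = encrypted_prefix_len(data)
    return 0 < head < len(data) and non_text_ratio(data[head:]) < THRESHOLD


def constructed_sample(cipher_len: int = 256) -> bytes:
    """Constructed test input: pseudo-random bytes stand in for encrypted lines."""
    head = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(cipher_len // 32))
    tail = b"".join(b"line %d of the untouched remainder\n" % n for n in range(12))
    return head + tail


if __name__ == "__main__":
    sample = constructed_sample()
    print(encrypted_prefix_len(sample), looks_partially_encrypted(sample))
```

A file that is binary from start to finish is not flagged, since the signature here is the unencrypted tail. If the ciphertext were stored encoded as text (hex or base64), the byte test would need to be replaced with an entropy measure.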
Todo:
- Input error handling.
Compilation
nim compile <filename>