Skip to content

youyong123/Angie-Ransomware

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

78 Commits
images
images
 
 
master
master
 
 
slave
slave
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.gitkeep
.gitkeep
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
globalconfig.h
globalconfig.h
 
 

Repository files navigation

Angie-Ransomware

Professional ransomware for educational purposes
Angie-Ransomware is x32 bit ransomware that is designed to target mainly x64 Windows but still supports x32 bit of course, She by design can bypass almost all sandboxes by using its own NTDLL stubs from Windows 7 to Windows 10 1809, if the version of windows is newer than Windows 10 1809 will load the addressed from NTDLL.DLL and use them. Another trick that she does is if she is under Wow64 after connecting to master and retrieves a encryption key, she will switch to long mode and operate on x64 user space, this switch is the killer for almost all sandboxes and debuggers and its the biggest defence. Its still under development.

Tools

Visual Studio 2017/2019
Intel System Studio 19.0
Windows SDK 10.0.17763.0
Sysinternals Suite
Make from Mingw
Nasm

Cool people

http://sandpile.org

Some images

image1 image1

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

1 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages