Windows Virus who destroy some impotants files on C:\windows\system32\

Overview

psychic-robot

Windows Virus who destroy some importants files on C:\windows\system32\

Signatures of psychic-robot.PY (python file) :

  • Bkav Pro : ASP.Webshell

Signatures of psychic-robot.EXE (executable) :

  • Antiy-AVL : Trojan/Generic.ASMalwS.34D0C6E

  • Avast : Win32:Trojan-gen

  • AVG : Win32:Trojan-gen

  • Bkav Pro : W32.AIDetect.malware2

  • Cylance : Unsafe

  • eGambit : Unsafe.AI_Score_98%

  • Gridinsoft : Ransom.Win32.Sabsik.oa!s1

  • Jiangmin : Trojan.PSW.Disco.ccw

  • Lionic : Trojan.Win32.Generic.4!c

  • McAfee : GenericRXAA-FA!88F91C350BDD

  • McAfee-GW-Edition : BehavesLike.Win32.Generic.tc

  • Microsoft : Trojan:Win32/Sabsik.FL.B!ml

  • SecureAge APEX : Malicious

  • Sophos : Mal/Generic-S

  • Symantec : ML.Attribute.HighConfidence

  • Zillya : Trojan.Agent.Win32.2557541

Details :

  • This is not a ransomware
  • **it's recognized as ransomware because he is using the XOR method ;) **
  • For educationnal purposes
  • OpenSource
  • ⚠️ DO NOT INFECT THE OTHER'S PC ⚠️
  • ⚠️ DO NOT USE FOR ILLEGAL PURPOSES ⚠️

Optionnal Infos :

D5 : 68b79c1954bbe82e6627f41407f97f5a

SHA-1 : 9b272086f6a609d2bf17a7bef2d80c2fca8baaac

SHA-256 : 7f210102cc5f02b7679405a16635000e45c7e37709fb540a60af82baaec42084

SSDEEP : 192:adPdTdndBddd9dxdTdndtd5dRdNd+dJdc:adPdTdndBddd9dxdTdndtd5dRdNd+dJi

TLSH : T15F02D140EA584272027A59ED04F38D62B2A1F027BF16D751378D719C9F385EE4E3B6E2

File type : Python

Magic ASCII Python program text, with CRLF line terminators

File size : 8.08 KB (8274 bytes)

VirusTotal : https://www.virustotal.com/gui/file/0525cc2d4079a9a3bc413f552a4125d32f030bf2eeeaa8df559c901537712e39

Owner
H-Tech-Dev36
A Young Hacking And coding learner ; Who love Kali Linux and also love the others Linux !
H-Tech-Dev36
The next level Python obfuscator, nearly impossible to deobfuscate.

🐸 Kramer 🐸 Kramer is a next level obfuscation tool written in Python3 allowing you to obfuscate your Python3 code easily and securely. It uses Berse

Billy 114 Dec 26, 2022
The Easiest Way To Gallery Hacking

The easiest way to HACK A GALLARY, Get every part of your friends' gallery ( 100% Working ) | Tool By John Kener 🇱🇰

John Kener 34 Nov 30, 2022
A dynamic multi-STL, multi-process OpenSCAD build system with autoplating support

scad-build This is a multi-STL OpenSCAD build system based around GNU make. It supports dynamic build targets, intelligent previews with user-defined

Jordan Mulcahey 1 Dec 21, 2021
A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio

Al Sweigart 26 Sep 04, 2022
Sentinel-1 SAR time series analysis for OSINT use

SARveillance Sentinel-1 SAR time series analysis for OSINT use. Description Generates a time lapse GIF of the Sentinel-1 satellite images for the loca

21 Dec 09, 2022
SubFind - Subdomain Finder Tools

SubFind (Subdomain Finder Tools) Info Tools Result Of Subdomain Command In Termi

LangMurpY 2 Jan 25, 2022
Domain abuse scanner covering domainsquatting and phishing keywords.

🦷 monodon 🐋 Domain abuse scanner covering domainsquatting and phishing keywords. Setup Monodon is a Python 3.7+ programm. To setup on a Linux machin

2 Mar 15, 2022
On-demand scanning for container registries

Lacework registry scanner Install & configure Lacework CLI Integrate a Container Registry Go to Lacework Resources Containers Container Image In

Will Robinson 1 Dec 14, 2021
A brute Force tool for Facebook

EliBruter A brute Force tool for Facebook Installing this tool -- $ pkg upgrade && update $ pkg install python $ pkg install python3 $ pkg install gi

Eli Hacks 3 Mar 29, 2022
Microsoft Exchange Server SSRF漏洞(CVE-2021-26855)

Microsoft_Exchange_Server_SSRF_CVE-2021-26855 zoomeye dork:app:"Microsoft Exchange Server" 使用Seebug工具箱及pocsuite3编写的脚本Microsoft_Exchange_Server_SSRF_CV

conjojo 37 Nov 12, 2022
The Devils Eye is an OSINT tool that searches the Darkweb for onion links and descriptions that match with the users query without requiring the use for Tor.

The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description

Richard Mwewa 135 Dec 31, 2022
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
Yara Based Detection Engine for web browsers

Yobi Yara Based Detection for web browsers System Requirements Yobi requires python3 and and right now supports only firefox and other Gecko-based bro

imp0rtp3 44 Nov 20, 2022
IDA Frida Plugin for tracing something interesting.

IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t

PandaOS 133 Dec 24, 2022
PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

Akshay Vs 44 Nov 18, 2022
DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

dnspooq DNSpooq PoC - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) For educational purposes only Requirements Docker compo

Teppei Fukuda 80 Nov 28, 2022
对安卓APP注入MSF PAYLOAD,并且对手机管家进行BYPASS。

520_APK_HOOK 介绍 将msf生成的payload,注入到一个正常的apk文件中,重新打包后进行加固,bypass手机安全管家的检测。 项目地址: https://github.com/cleverbao/520apkhook 作者: BaoGuo 优点 相比于原始的msf远控,此版本ap

BaoGuo 368 Jan 02, 2023
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

mitmproxy mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. mitmdump is the

mitmproxy 29.7k Jan 04, 2023
威胁情报播报

Threat-Broadcast 威胁情报播报 运行环境 项目介绍 从以下公开的威胁情报来源爬取并整合最新信息: 360:https://cert.360.cn/warning 奇安信:https://ti.qianxin.com/advisory/ 红后:https://redqueen.tj-u

东方有鱼名为咸 148 Nov 09, 2022
Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

Saqlain Naqvi 22 Dec 04, 2022