RunSomeAware Ransomware Awareness Campaign with PoC
RunSomeAware Ransomware Awareness Campaign with PoC

RunSomeAware: Ransomware Awareness Campaign with PoC

Small ransomware awareness campaign with proof of concept…

  • Ransomware: type of malware which encrypt all your files.
  • Encryption: simple locker which will lock specific files with a key. You can’t unlock them without key.
  • Example: Suppose I have data which contains some personal information and also an key. And I encrypt like below:
//Settings...
data = 10
key = 20
//Encryption...
data + key = 30


//You need 2 variable values to recover 3rd value.
//Decryption...
data = 30 - key
data = 20
//You can't recover data without a key.

Features

  • Tiny around 5–7 KB
  • Coded under 100 lines
  • Allowed file extension specification.
  • Supports .net framework v2.0—5.x
  • Supports win7–win10 both 86/64 bit
  • AES 32 bit encryption
Demo RunSomeAware
Demo RunSomeAware

Configure

First set these all settings in RunSomeAware.cs and then run compiler_v2.0.bat or compiler_v4.0.bat.

C#
  • Key: A key to lock or unlock files.
  • Crypted File Extension: encrypted files will use this extension. e.g { ".graysuit", ".cry" ...}; etc.
  • ParentDirectory: directory where runsomeaware start encrypting files and folders.
  • Allowed File Extension: files with specific extension which would be encrypted and other would be skipped. e.g { ".png", ".doc", ".pdf", ... }; etc.
  • Encryption Mode: Specify whether you want to encrypt or decrypt files. i.e Mode.Encrypt or Mode.Encrypt etc.

Compiler Example’s

Examples contain various examples showing how to set:

  • compiler_Assembly_Changer.bat : Change assembly info details of output execuatble. e.g CompanyName,FileVersion,CopyRight etc
  • compiler_Icon.bat : Change icon of output execuatble.
  • compiler_Optimize.bat : Optimize output execuatble file size.
  • compiler_Run_As_Admin.bat : Make output execuatble to always run as administrator.
  • compiler_help.txt : Contains some info about csharp compiler arguments.

Disclaimer

We assume everyone should use it legally. Author and organisation won’t be responsible in case of your crime.