[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] RansomLordNG - anti-ransomware exploit tool

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] RansomLordNG - anti-ransomware exploit tool
From: malvuln <malvuln13@xxxxxxxxx>
Date: Fri, 13 Dec 2024 01:05:58 -0500

This next generation version dumps process memory of the targeted
Malware prior to termination The process memory dump file MalDump.dmp
varies in size and can be 50 MB plus RansomLord now intercepts and
terminates ransomware from 54 different threat groups Adding GPCode,
DarkRace, Snocry, Hydra and Sage to the ever growing victim list.

Lang: C
SHA256: fcb259471a4a7afa938e3aa119bdff25620ae83f128c8c7d39266f410a7ec9aa

RansomLordNG leverages code execution vulnerabilities and saving
process memory to disk prior to termination of the Malware
pre-encryption. This may be useful as we can possibly avoid unpacking,
anti-debugging techniques or fully executing the malware. The MalDump
feature is optional and can be toggled to enabled=1 or disabled=0

https://github.com/malvuln/RansomLord/releases/tag/NG

Thank you,
malvuln
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Prev by Date: [FD] APPLE-SA-12-11-2024-9 Safari 18.2
Next by Date: [FD] [KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
Previous by thread: [FD] APPLE-SA-12-11-2024-9 Safari 18.2
Next by thread: [FD] [KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
Index(es):
- Date
- Thread