Interesting thing today: while surfing the web, I found a 'winlock generator' by chance.
According to the date of the post that describes the generator, it's not really old, so I investigated it.
The 'winlock builder':
Generated ransomware (435 Kb):
Inside Olly, it took me two minutes to defeat it.
The method is generic for finding unlock codes generated with this 0.2 version.
----------
Version v0.3
Routine, same as the v0.2:
VAN32 found:
At 443kb, the ransomware is really huge compared to WinAD and other usual threats.
These generated winlocks remind me of this one: private_brute.exe. I've lost the sample, but the code reminds me of something familiar.
It's a constructor, and the created winlock will be detected by Dr.Web
We're starting to get into something pretty big here...
Good job, dude