Skip to content

Umbra Modules update + Ransomware module

Latest
Latest
Compare
Choose a tag to compare
@h3xduck h3xduck released this 18 Sep 16:29
· 1 commit to master since this release
v0.4.0
0ddd211
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Change-log

Incorporated the so called Umbra Modules:

  • Umbra modules: malware-like extensions for Umbra which can be triggered via the Umbra Injector.
  • The rootkit backdoor now listens for the new injector requests accordingly.

Ransom: A ransomware-like module

  • New Umbra Module "Ransom", a trivial ransomware program using a simple (very bad) encryption algorithm.
  • Ransom can be used to encrypt or decrypt a whole directory (recursively, including sub directories) remotely.
  • Encrypted files appear as .ubr files.

Other changes

  • Added a script for installing Umbra and configuring the environment.
  • New explanatory gifs on the README and updated other parts.
  • Minor fixes.
Assets 3