OP 27 April, 2024 - 05:49 PM
(This post was last modified: 06 December, 2024 - 11:31 PM by angelbanker. Edited 6 times in total.)
5/7/2024 - The project has been resumed and is open for adverts and serious inquiries.
IVAN - Infiltrate and Vanquish American Networks
Kadavro Vector Ransomware v3 - an advanced ransomware program.
Crafted by seasoned and daring developers who know their craft.
Brief overview of features:
● File encryption using AES-256-GCM algorithm.
● Encryption of decryption key using Block Chaining Cipher combined with Curve25519. Older algorithms vulnerable to key hashing collisions have been removed.
● Anti-CIS, Kadavro will not execute in the post-Soviet space, specifically in the following countries:
- Belarus
- Kazakhstan
- Uzbekistan
- Azerbaijan
- Turkmenistan
- Georgia
- Armenia
- Moldova
- Kyrgyzstan
- Tajikistan
- Russia
● UAC bypass (custom PowerShell script (FUD)).
Payload:
● 3 .NET forms, primary form appears after encrypting all files.
● List of encrypted files.
● Generating QR code based on specified Monero address.
● Countdown timer until all files are deleted.
● Every 20 seconds, the sum specified in the builder increases by $10.
● 2nd form contains decryption labels | Basic decryption of all files | Decrypting one file for locker legitimacy.
● 3rd form with bug bounty and Telegram chat for sending bugs with contacts.
● 11 languages of Western countries and beyond.
● Custom HTML file using JavaScript and CSS.
Builder:
● Flexible settings.
● Option to specify Monero address (only), contact details, hours, minutes, attempts on incorrect key input, extension, dollar amount.
● Log retrieval: via Telegram bot (token and chat ID) or any hosting, .onion addresses also supported. PHP file for logs is provided with the builder.
● Two encryption modes: encrypting all files | encrypting with specified extension.
● Anti-virtual environments.
● Anti-emulators.
● Anti-debugger.
● Startup task manager.
● Detection and anti-run in sandbox.
● Anyrun.
● Removal of backups and restore points.
● Option to set properties and icons.
● Automatic file obfuscation.
We are not a public hacking group, we operate privately and do not accept people without experience in ransomware distribution.
1) Experience with ransomware.
2) Experience in distribution.
We are not chasing money, we are chasing reputation, giving you the opportunity to earn.
Why work with us?
There was much talk about the first version of Kadavro in popular news publications. As of 2023, there were no decrypters for Kadavro. Even if there were, they were not functional.
We consistently operate actively, answering all your questions.
We allow encryption of whatever you want, individuals and corporate entities, companies of any income level.
We have never deceived and do not intend to, ready for long-term cooperation.
Do not write to us that you want to try hard or try to work with ransomware.
If we notice that you are inactive within 7 days, without notifications of why you are inactive, you will be blocked, and your builder license will be permanently disabled without the possibility of recovery.
We provide Kadavro ransomware for testing only to moderators/staff of this forum. Do not write to us if you do not have money for rent or if you are not ready.
For all inquiries, write in PM on the forum or under this thread.
Prices:
2 months rental - $380
9 months rental - $1710
Contacts for rent:
My qTox ID - 0DF8A8515581B7BE24D2FC1F107AD38E20E6F26F6DF83E6C30AB49FF4707BD5720A0F4A38AB5
My Session ID - 05eca1eae9cd4c27373b635def91514bd682cddd3bcc26d1c857bbcff3c7d28624
Second developer n1k7:
Session ID - 052b804fe69983cef6346fbbcc14053d418b967faba357eebaa9166f203bb36266
Telegram - none and will not be, do not feed scammers and other scoundrels.