Exetools - View Single Post - Paradise ransomware source code by vx-underground

Thread: Paradise ransomware source code by vx-underground

View Single Post

#6

Old

06-24-2021, 02:22

CodeCracker CodeCracker is offline

CodeCracker is offline

VIP

Join Date: Jun 2011

Posts: 466

Rept. Given: 27

Rept. Rcvd 406 Times in 134 Posts

Thanks Given: 21

Thanks Rcvd at 1,883 Times in 359 Posts

CodeCracker Reputation: 400-499

CodeCracker Reputation: 400-499

CodeCracker Reputation: 400-499

CodeCracker Reputation: 400-499

CodeCracker Reputation: 400-499

From my analyzes of the ransom globeimposter, this ramsoware uses RSA-2048 and AES-128, as far as I know there is no plain text attack of AES-128, and AES key is just some random bytes initialized at execution time; and the key will differ on each run.
So still don't know how the decryption is possible.

Reply With Quote