Strategy, Vulnerability management

Buran ransomware detailed, found to be based on VegaLocker

November 7, 2019
  • Reliable cryptographic algorithm using global and session keys + random file keys;
  • Scan all local drives and all available network paths;
  • High speed: a separate stream works for each disk and network path;
  • Skipping Windows system directories and browser directories;
  • Decryptor generation based on an encrypted file;
  • Correct work on all OSs from Windows XP, Server 2003 to the latest;
  • The locker has no dependencies, does not use third-party libraries, only mathematics and vinapi;
  • The completion of some processes to free open files (optional, negotiated);
  • The ability to encrypt files without changing extensions (optional);
  • Removing recovery points + cleaning logs on a dedicated server (optional);
  • Standard options: tapping, startup, self-deletion (optional);
  • Installed protection against launch in the CIS segment.
prestitial ad