rain-1

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

• Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
• Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
• Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
• Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
• Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

ur0n2

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
"Autorun"="C:\\\\linked\\\\Doskey_Alias_Setting.cmd"

ur0n2

::2017. 03. 10
::LeeJunHwan
::This commands make to linux environment on Windows OS
::But, We have powershell... and bash shell on windows 10 
::Just For Fun!!!

@echo off
doskey ls = dir /W /P $*
doskey ll = dir /A /P $*
doskey cp = copy $*

stuartleeks

[core]
	editor = code --wait
[diff]
    tool = default-difftool
[difftool "default-difftool"]
    cmd = code --wait --diff $LOCAL $REMOTE
[alias]
	amendcommit = "!git commit --amend --reuse-message \"$(git rev-parse --abbrev-ref HEAD)\""
	branches = branch -a --color -v
	wip = !git add -A && git commit -qm "WIP"

ozh

#How to create a .file or .folder on Windows

There are several ways

1. Rename

• Create file.txt
• Rename to .file., the last dot will be dropped, you'll have .file

Works the same with a file or a directory.