Source Code Language = C++
Features
- File encryption is performed using the robust AES CBC 256 algorithm, employing a randomly generated key and a 128-bit IV.
- Anti-dumping functions are implemented to elude detection by certain anti-virus software.
- The program incorporates a whitelist and blacklist feature, allowing for targeted or excluded file extensions during the encryption process.
- RansomTuga has the capability to capture photos from all connected webcams.
- It also steals various system information, including hardware ID (HWID), IP address, CPU and RAM specifications, GPU brand, screen resolution, screenshots, clipboard contents, GPS location and Wi-Fi passwords.
- The malware can delete restore points on the system.
- Encrypted files can be assigned a custom file icon.
- The victim's wallpaper can be altered by the malware.
- Before encryption, files can be uploaded to a remote server.
- The encryption key, along with stolen information, can be sent to the attacker through email or a Telegram bot.
- The malware has a self-deletion feature, removing its executable after execution.
- With over 70 different options, RansomTuga is highly customizable. And many more features are available!