Prince now has a Windows Defender flag, namely “Ransom:Win64/PrinceRansom.YAA!MTB”. This means that Prince Ransomware will no longer bypass Windows Defender without modifications to remove the signature.
If, for whatever reason, bypassing Windows Defender is a priority for you, contact me on Telegram and I will accept payment for any changes you may require.
Prince is a ransomware written from scratch in Go. It uses a mixture of ChaCha20 and ECIES cryptography in order to encrypt files securely so that they cannot be recovered by traditional recovery tools.
Files which have been encrypted by Prince can only be decrypted using the corresponding decryptor.
Build.bat
file.Builder.exe
file in the current directory.Builder.exe
program.Encryptor
and Decryptor
directories, as it will not be able to build them otherwise.Prince-Built.exe
file is the encryptor. Use caution when handling it as it can cause a lot of damage to your system.Decryptor-Built.exe
file is the decryptor. It will only decrypt files which were decrypted by the corresponding encryptor.I chose this unique combination of encryption methods for several reasons:
For more information click here.
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…