Prince now has a Windows Defender flag, namely “Ransom:Win64/PrinceRansom.YAA!MTB”. This means that Prince Ransomware will no longer bypass Windows Defender without modifications to remove the signature.
If, for whatever reason, bypassing Windows Defender is a priority for you, contact me on Telegram and I will accept payment for any changes you may require.
Prince is a ransomware written from scratch in Go. It uses a mixture of ChaCha20 and ECIES cryptography in order to encrypt files securely so that they cannot be recovered by traditional recovery tools.
Files which have been encrypted by Prince can only be decrypted using the corresponding decryptor.
Build.bat file.Builder.exe file in the current directory.Builder.exe program.Encryptor and Decryptor directories, as it will not be able to build them otherwise.Prince-Built.exe file is the encryptor. Use caution when handling it as it can cause a lot of damage to your system.Decryptor-Built.exe file is the decryptor. It will only decrypt files which were decrypted by the corresponding encryptor.I chose this unique combination of encryption methods for several reasons:
For more information click here.
Python 3.7 was a significant release for the language. It introduced data classes, a decorator that automatically…
Odoo is a popular open-source suite of business applications. A single platform covers CRM, e-commerce, accounting,…
Let's Encrypt is a free, automated certificate authority run by the Internet Security Research Group…
GCC (GNU Compiler Collection) is a set of compilers and development libraries for C, C++, Fortran,…
Python is one of the most widely used programming languages in the world. Its clean, readable…
Apache Tomcat is an open-source Java application server that implements the Java Servlet, JavaServer Pages, and…