General Info

Once on a system it will try to delete Volume Shadow Copies. It will try to terminate a number of services using Restart Manager to ensure it can encrypt files used by them. It will disable real time monitor and uninstall the Windows Defender application. Default behaviour is to encrypt all files on local and networked Server Message Block drives, ignoring files with DLL, .exe, .sys and .lnk extensions. It is also able to target specific drives as well as individual IP addresses.


conti locker ransomware source code leak
During the 2022 Russian invasion of Ukraine, Conti Group announced its support of Russia and threatened to deploy “retaliatory measures” if cyberattacks were launched against the country. As a result, approximately 60,000 messages from internal chat logs were leaked by an anonymous person who indicated their support for Ukraine along with source code and other files used by the group.
Additionally, the Conti Locker source code was leaked, first as a password protected zip file but later it was leaked again — this time without any password.
The zip contents include Conti Locker v2 source code as well as the source code for the decryptor.
for further informations check
This post by qualys


Information/downlods from this site must only be used on devices or networks where you have the express consent from the owner. Any misuse or damage caused by this information is not the responsibility of the site owner or content creator, please use responsibly.


View Github