DECAF Ransomware Download

Posted Under: Download Free Malware Samples , Malware, Ransomware, Windows on Oct 31, 2021
DECAF Ransomware Download
DECAF is a Golang based ransomware. It is written in golang 1.17 in which a new complex mechanism of parameter passing to a function is adopted. This protect it form reserve engineering more difficult. Every file in the systems in encrypted in the file system whose size is less than 4GB. Its uses AES-CBC-128 for encryption. A file marker 0xDADFEEDBABEDECAF is append to the encryoted files so it wont get encrypted again. All encrypted files extension are appened with .decaf, hence the name.

DECAF Ransomware Signatures

Family: Ransom:Win64/Deecaf.A!dha
MD5: 46a1325bb01e37e0ee2d2ba37db257f2
SHA256: 98272cada9caf84c31d70fdc3705e95ef73cb4a5c507e2cf3caee1893a7a6f63

DECAF Ransomware Download

Download DECAF Ransomware Sample