[711PartTimeJob]

A new ransomware in development has been found called "cockblocker" or sometimes "cocklocker". It encrypts files using RSA-2048 and renames them to a .hannah extension. Currently demands 1 BTC and displays a very ugly lock screen as seen here:

[p1nk]

C2 server is: ws://collabvm.xyz:4444/rs

If you follow WHOIS data and bounce around a bit, you can find some links to https://github.com/cjhannah

GET /rs HTTP/1.1
User-Agent: websocket-sharp/1.0
Host: collabvm.xyz:4444
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Key: TQAYVC2FuB/7rRtmYE3QAw==
Sec-WebSocket-Version: 13

[TETYYSs]

lol https://www.youtube.com/watch?v=L4Wsy-_5-mA

[huehuehuehue]

This just was made for Danooct1's User Made Malware series
To decrypt files enter "not_a_backdoor"