Analysis of A Software Used By Terrorists 

Francis Perron 

Name: Mojahedeen Secrets 2.
Alias: Asrar ver 2.
Other names: Ekhlaas Islamic Network Public Key Strong Encryption; Asrar El Mojahedeen; Asrar Mujahidin #2; Mujahideen Secrets 2
Author: Ekhlaas Islamic Network
Version: 2.0.0.000 – 2.0.0.100
Program size: 5 967 872 bytes
Distribution: Password-encrypted RAR archive; the archive password is 32 characters long, with parts made of random characters
MD5: b9a1bf137aecbd36e234fa08bb4ac69b
SHA1: b24b2d9159dfbd3eb28993cd6bbb2fe05e4d2d8a
Programmed in: Borland Delphi 5
Released: 10 January 2008, 11:50:48

Software functions: File encryption/decryption, File shredding, Save preferences, Keys manager, Sign/Verify files, Secure Messaging
Key length max: 2048 bits – Passphrase
For the integrity of your system, this program must be run on an isolated, clean computer or on a virtual machine
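
The size and digests listed above can be used to check, without executing anything, whether a file found during triage is this same build. The following is an added example, not part of the original analysis; the function names are hypothetical, and because the page does not say whether the digests describe the executable or the RAR archive, the size is reported separately rather than used as a filter.

```python
import hashlib
import os

# Values copied from the metadata listed on this page.
KNOWN_SIZE = 5967872
KNOWN_MD5 = "b9a1bf137aecbd36e234fa08bb4ac69b"
KNOWN_SHA1 = "b24b2d9159dfbd3eb28993cd6bbb2fe05e4d2d8a"


def fingerprint(path, chunk_size=1 << 20):
    """Return (size, md5_hex, sha1_hex), reading the file in chunks."""
    md5, sha1, size = hashlib.md5(), hashlib.sha1(), 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            size += len(chunk)
            md5.update(chunk)
            sha1.update(chunk)
    return size, md5.hexdigest(), sha1.hexdigest()


def compare(path, size=KNOWN_SIZE, md5=KNOWN_MD5, sha1=KNOWN_SHA1):
    """Report which attributes match. The file is only read, never run."""
    got_size, got_md5, got_sha1 = fingerprint(path)
    return {
        "size": got_size == size,
        "md5": got_md5 == md5.lower(),
        "sha1": got_sha1 == sha1.lower(),
    }


def scan(root, **known):
    """Walk root and return the files whose MD5 and SHA1 both match."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                result = compare(path, **known)
            except OSError:
                continue  # unreadable file: skip it and keep scanning
            if result["md5"] and result["sha1"]:
                hits.append(path)
    return sorted(hits)
```
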


The welcome screen gives you an overview of the purpose of the software.
1973 Colt AR-15 SP1 rifle with A1 style upper receiver with a key as silencer

Image comparison / 1973 Colt AR-15 SP1 rifle with A1 style upper receiver


 

Files created when you uncompress the password-protected RAR archive.


Two new files containing the private and public keys are created after the creation of my own key.
If you delete the two files, the keys remain in the AsrarKeys.db file.


Quick overview of the manifest information of the main program.


A public key is already provided. The User ID is written in Arabic and cannot be read on my system as I don’t have Arabic installed.
The public key can be used by a terrorist to encrypt their communication and contact the owner of this public key.
The owner of this public key also owns the private key and can decrypt the incoming encrypted messages.
Their choice of encryption algorithm is poor and it’s ironic that they use some American algorithms.


Creation of my own key; the key length is 2048 bits.
The generate button takes around 4 minutes to create your key pair.


Keys manager window. You can see the available keys.
With a complete key pair “Pub/Priv”, you are ready to publish your public key and begin to communicate secretly with other terrorists.


This window is interesting: you can choose the recipient of your secret message. Here the recipient is the name written in Arabic with the key id “26591484”. The sender is “Francis” with the key id “C4EF92DD”. The secret message can be inserted in a file; at the bottom of the screen you can select which file you want to encrypt/decrypt. You also have the option to securely shred the original file and only keep the encrypted one.


This window allows you to quickly communicate with someone through chat programs.
Here you type the message that you want to encrypt and it gets encrypted, as seen on the next screenshot.


You can see the encrypted message block; it looks like a PGP block. This block is ready to be pasted into your chat software.

 

In this window you paste the encrypted block that you have received by chat.
When you click on Decrypt, the “Received Message Decrypted” tab will be filled with the decrypted message.
To communicate, you exchange encrypted blocks as seen on the previous screenshot.


 

File shredder function available in the software. You can shred multiple files and filter by extension, very useful.


 

Preferences window. You can choose the compression level of the output files.
The number of wipe passes applied to a shredded file can be set from 4 to 10.
Knowing that this tool is used for illegal activities, the maximum number of passes should be greater than 10.

Copyright 2009 – today, all rights reserved