Do I need a different bitcoin address (and account) for every victim?
Of course not, every victim will get an unique bitcoin address where the ransom will be forwarded from.
Is it safe to be payed by an unique bitcoin address of yours?
As soon as a payment has been forwarded, your customer bitcoin address is published on the blockchain. You have to mix your coins by yourself.
I'm a customer and I've accidentally encrypted my files with my own exe. Can I decrypt it for free?
Long explanation: Now that's somehow difficult for me. When someone is able to sign messages with your bitcoin address' private key, I have to assume that it's you. I've got no way to "authenticate" it even further.
Short explanation: Yes, but sign the whole message. If there's any doubt, I've to decline the request.
Is there any difference between the exe I'm giving to the victim and the demo exe?
When you haven't requested readme changes (which needs to get confirmed by me), no. Even then the only changes are the readme changes.
No signup fee, five percent share and even signed. Where's the catch?
You've got me there. I was marking bitcoin wallets at the encryptor, which get sent to my server in encrypted form at the decryptor. The mark was there to tell my server to ignore decryption attempts of this file.
I've implemented it at the decryptor so both or none will profit. I haven't received any wallets (as at 2016-03-18). The feature is still implemented, but without the mark, which my server is ignoring now. Maybe I'll add authenticode certificates to the feature if it'll get approval.
I've added the feature because I need certificates and money in order to keep my platform up. Please tell me your opinion about this feature!
Why is the curl library even added to the encryptor? (Notice: It's not always there)
It's there to evade multiple AVs.
Are you selling your ransomware?
No.