Search
Keyword: ransom.win32.cring
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
\TypeSupport\Unicode\Mappings\win\CP1251.TXT %Program Files%\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT %Program Files%\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win
\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT %Program Files%\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT %Program Files%\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
potx pptm pptx pps pot ppt xlw xll xlam xla xlsb xltm xltx xlsm xlsx xlm xlt xls xml dotm dotx docm docx dot doc txt After successfully encrypting user's files, it drops the ransom note
the user. It connects to certain websites to send and receive information. It encrypts files with specific file extensions. It encrypts files found in specific folders. It drops files as ransom note.
information. It drops files as ransom note. Arrival Details This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
characters}.htm It drops and executes the following files: %User Profile%\DesktopOSIRIS.htm ← ransom note %User Profile%\DesktopOSIRIS.bmp ← ransom note, also used as the background image (Note: %User Profile%
information. It is capable of encrypting files in the affected system. It drops files as ransom note. Arrival Details This Ransomware arrives on a system as a file dropped by other malware or as a file
{user name} on Windows 2000, XP, and Server 2003, or C:\Users\{user name} on Windows Vista and 7.) It leaves text files that serve as ransom notes containing the following text: Troj/Cryptear-A
unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This Ransomware arrives as an attachment to email messages spammed by other malware/grayware or malicious
system. It encrypts files found in specific folders. It drops files as ransom note. Arrival Details This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly
file extensions. It drops files as ransom note. Arrival Details This Ransomware arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as
This ransomware encrypts files and drops a ransom note formatted as {month}-{day}-{year}-INFECTION.TXT . It asks the users to contact the ransomware author via email to decrypt the files. This Trojan
following files: {folder of encrypted files}\_{number of folders encrypted}_HOWDO_text.html - ransom note It drops and executes the following files: %desktop%\_HOWDO_text.html - Ransom note %desktop%
malicious sites. Installation This Trojan drops the following files: (Folder of Encrypted Files}\OSIRIS-{Random Hex Values}.htm → Ransom Note It drops and executes the following files: %User Profile%
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It
button stops malware execution. It drops the ransom note on {directory of encrypted files} with name ### - ODZYSKAJ SWOJE DANE - ###.TXT If /reg is used as parameter, it adds the following registry