Search
Keyword: ransom.win32.cring
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
2012.) It drops the following files: %All Users Profile%\select.bat %All Users Profile%\decrypting.txt %All Users Profile%\start.txt %All Users Profile%\cryptinfo.txt -> Ransom Note %All Users Profile%
This ransomware is one of the few ransomware families that is capable of spreading on its own. It drops a copy of itself in removable drives, making use of USBs a risky practice. Another notable
encrypted files It gathers the following information and reports it to its servers: Windows Version User's rights (Example: ADMIN) NOTES: It locks the screen and displays the following ransom note:
2012.) It drops the following files: %All Users Profile%\decrypting.txt %All Users Profile%\start.txt %All Users Profile%\cryptinfo.txt -> Ransom Note %All Users Profile%\date_1.txt %All Users Profile%
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is capable of encrypting files in the affected
\Start Menu\Programs\Startup on Windows Vista, 7, and 8.) It drops the following component file(s): %User Startup%\How to decrypt your files.txt - ransom note %User Profile%\How to decrypt your files.jpg -
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This
names: {orginal filename and extension}.encrypted NOTES: It displays a ransom note: Ransom:Win32/KeepLock.A (Microsoft) Downloaded from the Internet, Dropped by other malware Encrypts files
malicious sites. Installation This Trojan drops the following files: {folders containing encrypted files}\_{count of dropped note per folder}_HELP_instructions.html - ransom note It drops and executes the