Home / malware Trojan:JS/Ransirac.A
First posted on 17 April 2012.
Source: MicrosoftAliases :
There are no other names known for Trojan:JS/Ransirac.A.
Explanation :
Trojan:JS/Ransirac.A is a JavaScript component of the Trojan:Win32/Ransirac family, a family of trojans that locks the affected user's computer, and attempts to scare and intimidate the user into paying money to regain access to their infected computer.
Top
Trojan:JS/Ransirac.A is a JavaScript component of the Trojan:Win32/Ransirac family, a family of trojans that locks the affected user's computer, and attempts to scare and intimidate the user into paying money to regain access to their infected computer.
Trojan:JS/Ransirac.A is downloaded from a remote host, and displayed in an HTML window on the locked machine. It may look like the following:
The trojan pretends to be from the organization GEMA, and uses links stylesheets and images from the site in order to appear authentic.
The user is prompted to obtain and enter a code in order to regain control of their machine.
For more information about this threat, see the description for Trojan:Win32/Ransirac.G elsewhere in the encyclopedia.
Analysis by Ray Roberts
Last update 17 April 2012