Trojan.Cryptolocker.F
First posted on 03 June 2014.
Source: Symantec
Aliases:
There are no other names known for Trojan.Cryptolocker.F.
Explanation:
The Trojan may arrive as an attachment to spam email.
When the Trojan is executed, it creates the following file:
%Windir%\[RANDOM FILE NAME].exe
The Trojan creates the following registry entries:
HKEY_CURRENT_USER\Software\Bit Torrent Application
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"kygxiuqw" = %Windir%\[RANDOM FILE NAME].exe
The Trojan may encrypt data files on the compromised computer.
Note: Encrypted files are given a ".encrypted" extension.
The Trojan may create the following file in folders with encrypted files:
PLEASE_READ.txt
Note: This file contains instructions on how to decrypt the encrypted files.
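The indicators listed above can be turned into a quick triage check. The following is an added example, not part of the original write-up or any vendor tool: it flags folders that hold PLEASE_READ.txt together with ".encrypted" files, and Run-key values that start an executable placed directly in %Windir%. The Run values are passed in as a mapping already read from the registry; the function names, sample file names and sample Run entries are constructed for illustration.

```python
import os
import re
import tempfile
from pathlib import Path, PureWindowsPath

NOTE_NAME = "please_read.txt"   # ransom note name from the write-up, lower-cased
ENCRYPTED_EXT = ".encrypted"    # extension given to encrypted files

def find_affected_folders(root):
    """Map each folder holding the note to its count of .encrypted files."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        names = [f.lower() for f in files]
        count = sum(n.endswith(ENCRYPTED_EXT) for n in names)
        if NOTE_NAME in names and count:
            hits[folder] = count
    return hits

def suspicious_run_values(run_entries, windir=r"C:\Windows"):
    """Names of Run values whose executable sits directly in %Windir% (heuristic)."""
    flagged = []
    for name, command in run_entries.items():
        command = re.sub(r"%windir%", lambda _m: windir, command, flags=re.I)
        # Take the quoted path, or everything up to the first ".exe".
        m = re.match(r'\s*(?:"([^"]+)"|(.+?\.exe))', command, re.I)
        if not m:
            continue
        exe = PureWindowsPath(m.group(1) or m.group(2))
        # PureWindowsPath compares case-insensitively, as Windows paths do.
        if exe.suffix.lower() == ".exe" and exe.parent == PureWindowsPath(windir):
            flagged.append(name)
    return sorted(flagged)

def demo():
    """Run both checks on constructed sample data (not real telemetry)."""
    with tempfile.TemporaryDirectory() as tmp:
        docs, clean = Path(tmp, "Documents"), Path(tmp, "Pictures")
        docs.mkdir()
        clean.mkdir()
        for name in ("PLEASE_READ.txt", "budget.xlsx.encrypted", "cv.doc.encrypted"):
            (docs / name).write_text("constructed")
        (clean / "holiday.jpg").write_text("constructed")
        folders = {Path(k).name: v for k, v in find_affected_folders(tmp).items()}
    run = {  # constructed Run-key values; names and paths are made up
        "ExampleUpdater": r'"C:\Program Files\Example\updater.exe" /background',
        "qwertyzz": r"%Windir%\abcdefgh.exe",
    }
    return folders, suspicious_run_values(run)

if __name__ == "__main__":
    print(demo())
```

A flagged Run value is a lead to review, not a verdict; confirm the file it points to before acting on it.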
The Trojan may display the following window:
Last update 03 June 2014