ZCryptor Ransomware

Forum for analysis and discussion about malware.

ZCryptor Ransomware

Postby xors » Sun May 29, 2016 7:02 pm

Saw this new ransomware which was detected by microsoft.

https://www.hybrid-analysis.com/sample/ ... af65f32b8f

https://malwr.com/analysis/YmM3NTRmZTI3 ... RkM2E3YWQ/

It uses some old tricks in order to spread through removable drives.

For more information see https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Ransom%3aWin32%2fZCryptor.A

Also there is a PDB path inside the executable: C:\Users\Asus\Desktop\MyEncrypter2Mod3Window\Release\MyEncrypter2.pdb
You do not have the required permissions to view the files attached to this post.
User avatar
xors
 
Posts: 132
Joined: Mon May 23, 2016 2:01 am
Location: Greece
Reputation point: 63

Ransom:Win32/ZCryptor.A

Postby shaheen » Tue Jun 21, 2016 12:54 pm

https://www.microsoft.com/security/port ... ZCryptor.A

bc557a7bfec430aab3a1b326f35c8d6c1d2de0532263df872b2280af65f32b8f

Thanks
shaheen
 
Posts: 35
Joined: Wed Jun 09, 2010 11:08 pm
Reputation point: 4

Re: Ransom:Win32/ZCryptor.A

Postby Xylitol » Tue Jun 21, 2016 12:58 pm

in attachment
You do not have the required permissions to view the files attached to this post.
User avatar
Xylitol
Global Moderator
 
Posts: 1634
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Reputation point: 491


Return to Malware

Who is online

Users browsing this forum: No registered users and 7 guests