French Ransom (Trojan:Win32/Ransom.FL) - Page 4

Re: Trojan Winlock / Ransom / ScreenLocker

#11536 by rkhunter
Fri Feb 10, 2012 7:20 am

French

MD5: eb7c1dedaf73798d1b3e30a412c386c9
4/43

Attachments

EB7C1DEDAF73798D1B3E30A412C386C9.zip

pass:infected
(208.67 KiB) Downloaded 58 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Trojan Winlock / Ransom / ScreenLocker

#11649 by rkhunter
Thu Feb 16, 2012 11:01 am

French

MD5: 3e5d8811e863db90e1ad28c28158df0a
6/43

Attachments

3E5D8811E863DB90E1AD28C28158DF0A.zip

pass:infected
(208.2 KiB) Downloaded 61 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Trojan Ransom / FakePoliceAlert

#11657 by NarfBang
Thu Feb 16, 2012 7:08 pm

SHA256:
ce9c7f46cad1e40cb9e411736b5bc66412f61ee2aa6d638e4413ea4efdfde648
File name:
file-3554303_
Detection ratio:
2 / 43
https://www.virustotal.com/file/ce9c7f4 ... /analysis/

Cheers!

Attachments

17.7z

pass = infected
(275.87 KiB) Downloaded 64 times

Username

NarfBang

Posts

17

Joined

Thu Jun 30, 2011 4:29 pm

Re: Trojan Ransom / FakePoliceAlert

#11659 by rkhunter
Fri Feb 17, 2012 5:18 am

NarfBang wrote:SHA256:
ce9c7f46cad1e40cb9e411736b5bc66412f61ee2aa6d638e4413ea4efdfde648

This is French ransomware.

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Trojan Winlock / Ransom / ScreenLocker

#11678 by rkhunter
Sat Feb 18, 2012 7:49 am

French - Ransom.FL

MD5: 25d4dfe7a9a80bdfcaa99ba274192bcf
5/43

Attachments

25D4DFE7A9A80BDFCAA99BA274192BCF.zip

pass:infected
(206.58 KiB) Downloaded 62 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Trojan Winlock / Ransom / ScreenLocker

#11773 by rkhunter
Thu Feb 23, 2012 12:57 pm

TrendMicro about French ransomware http://blog.trendmicro.com/compromised- ... ansomware/

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Trojan Ransom / FakePoliceAlert

#11788 by Maxstar
Fri Feb 24, 2012 11:10 am

Belgium / French

https://www.virustotal.com/file/87cee50 ... /analysis/

Details: http://www.pcwebplus.nl/phpbb/viewtopic ... 222&t=5905

http://www.imgdumper.nl/uploads5/4f476f ... opsTR1.jpg

Attachments

malware.zip

PW=infected
(152.33 KiB) Downloaded 64 times

Malware Removal Instructions

Username

Maxstar

Posts

88

Joined

Wed Jan 26, 2011 10:20 am

Re: Trojan Winlock / Ransom / ScreenLocker

#11918 by rkhunter
Thu Mar 01, 2012 8:31 am

French

MD5: D9BB35A1BCE9812AC8DCAF9FF1C72C9C
13/43

Attachments

D9BB35A1BCE9812AC8DCAF9FF1C72C9C.zip

pass:infected
(228.12 KiB) Downloaded 61 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Trojan Winlock / Ransom / ScreenLocker

#11954 by rkhunter
Sun Mar 04, 2012 5:48 pm

French

MD5: 606fb709dcd879eb2cbfca3a99a3d3c2
9/43

Attachments

606FB709DCD879EB2CBFCA3A99A3D3C2.zip

pass:infected
(200.71 KiB) Downloaded 67 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Trojan Winlock / Ransom / ScreenLocker

#12447 by thisisu
Sat Mar 31, 2012 9:01 pm

"Gendarmerie Nationale"
pass: infected
https://www.virustotal.com/file/9009d5c ... /analysis/
__

__

Code: Select all

"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load"	""	""	""
+ "C:\DOCUME~1\owner\LOCALS~1\Temp\4A7DE4666052AD44198A.exe,"	""	""	"File not found: C:\DOCUME~1\owner\LOCALS~1\Temp\4A7DE4666052AD44198A.exe,"

Attachments

02499d9c82b9aa42e82f7323b8dd6c0b.zip

Gendarmerie Nationale
(44.81 KiB) Downloaded 79 times

Username

thisisu

Posts

362

Joined

Sun Feb 26, 2012 8:57 am

Contact