A forum for reverse engineering, OS internals and malware analysis 

Trojan Winlock / Ransom / ScreenLocker

Forum for analysis and discussion about malware.
 Topic locked

Re: Trojan Winlock / Ransom / ScreenLocker

 #15140  by thisisu
 Mon Aug 13, 2012 2:01 am
GMax wrote:
ReviewsAntivirus wrote: MD5: 2EB70294D9A0E8BC6946995786D12423
is droper
unpacked in atache
This through me off for a while. But what you attached includes a Jadtre rootkit.
It is extremely similar if not identical to what is attached here: http://www.kernelmode.info/forum/viewto ... =10#p14914

https://www.virustotal.com/file/51da8ce ... /analysis/

Re: Trojan Winlock / Ransom / ScreenLocker

 #17099  by EP_X0FF
 Mon Dec 10, 2012 6:13 am
Split.

French ransom moved to French Ransom (Trojan:Win32/Ransom.FL)
German ransom moved to German Ransom (GEMA, GVU, InetAccelerator)
...
FakePolice ransoms common thread Trojan Ransom / FakePoliceAlert
AutoIt Ransomware Trojan:AutoIt/LockScreen
Reveton Trojan:Win32/Reveton
Tobfy and clones Trojan:Win32/Tobfy
Weelsof Trojan:Win32/Weelsof
Urausy Trojan:Win32/Urausy (aka "WinLocker")
LokoMoTo Trojan Ransom / WindowsSecurity / LokoMoTo
Pliqpay_monexy Trojan Ransom / Pliqpay_monexy
MBRlock Trojan.MBRlock
Lock Em All Trojan.Winlock - Lock Em All
WinAD Trojan WinAD (alias Ransom.ER, Winlock, Win32.Timer)
ACCDFISA Ransomware ACCDFISA
Xorist Ransom Xorist
Pornoblocker Trojan.Winlock - Pornoblocker
Ransom.BY Trojan:Win32/Ransom.BY

This thread now archived.
 Topic locked
  • 1
  • 5
  • 6
  • 7
  • 8
  • 9
 Return to “Malware”