It’s ransomware… It’s VIRLOCK

07.10.2015 Views
Ransomwares and file infectors • Ransomwares • Purpose • Get money by blocking data or account access • Behavior • File-lockers • Screen-lockers 30.09.2015 www.bitdefender.com 4

Ransomwares and file infectors Screen locker – ICEPOL 30.09.2015 www.bitdefender.com 5

Page 1 and 2: It’s a file infector… It’s ra

Page 3: Background • Most malware on toda

Page 7 and 8: Ransomwares and file infectors •

Page 9 and 10: Ransomwares and file infectors •

Page 11 and 12: Introducing Virlock • Virlock - h

Page 13 and 14: Introducing Virlock File infection

Page 15 and 16: Malware installation • Setting up

Page 17 and 18: Malware installation • Getting to

Page 19 and 20: Account password brute-force • A

Page 21 and 22: Anti-analysis tricks • Detecting

Page 23 and 24: Anti-analysis tricks • Decrypt E

Page 25 and 26: Polymorphic engine • Basic reshap

Page 27 and 28: Different malware versions • Simi

Page 29 and 30: Statistics • Spreading of Win32.V

Page 31 and 32: Statistics • Areas with an increa

Page 33: ? 30.09.2015 www.bitdefender.com 33

malware

virlock

infectors

ransomwares

introducing

statistics

installation

password

infected

ransomware

It’s ransomware… It’s VIRLOCK

Craciun-etal-VB2015 ... View more Craciun-etal-VB2015

Delete template?

Save as template ?

Craciun-etal-VB2015 Craciun-etal-VB2015